DDoS Protection Services Hope DDoS Attacks will Actually Continue.
Because it’s big business and business is good even though some reports say that DDoS attacks are on the decline. For the first quarter of 2017 nearly 55% of targeted sources are in China which is quite a drop from the previous quarter which was at 77%. The number of countries involved dropped to 72 countries with China accounting for the 55% and accounted for the vast majority of the attacks. With the exception of South Korea and the USA, most countries have had very little significant change in the number of DDoS attacks.
The two countries with a fairly large increase in DDoS attacks was South Korea and USA which increased from 7% to 22% and 7% to 11% respectively. It is also important to note however, how many computers in general are actually online, connected to the internet. Even though Vietnam is ranked as the 6th largest targeted country it is probably safe to surmise that Vietnam is not as well connected as Honk Kong for example with a much more dense and built-up urban population.
The longest DDoS attack in Q1 2017 lasted just 120 hours, which is a whopping 59% shorter than the previous quarter. Most all other attacks lasted just under 50 hours and an even larger majority were no more than just four hours. Even those attacks that lasted 5-9 hours declined over 10%. SYN DDoS also declined from 75% to 48%. Windows-based botnets have now also exceeded Linux botnets, increasing from 25% to nearly 60% for the first quarter in 2017.
So why the decline in DDoS activity and why should companies continue to put aside large amounts of their budget towards DDoS mitigation and prevention if DDoS is simply declining by such large numbers? There could be a few explanations for this.
The first is that DDoS prevention services are simply improving and are able to stop these attacks much more efficiently, quickly and for longer periods of time. The other, is just because DDoS attacks may seem to be on the decline you may still be in a high risk industry that is leaning towards an opposite trend of current DDoS attack statistics. In addition, lowering your defenses provides an easier opportunity and higher level of damage to an actual DDoS attack should it happen. The same report by securelist.com shows a considerable increase in attacks using TCP, UDP and ICMP even though SYN floods declined.
Another third reason is the increase in ransomware attacks that unfortunately seem to be gaining in popularity and proving to be more effective. There is a much more attractive financial opportunity with ransomware especially with the use of Bitcoin that can easily hide the hackers tracks while still receiving easy and nearly guaranteed payment.
As Kaspersky notes, complex attacks are becoming more frequent that can actually only be combated with sophisticated DDoS protection. However, due to the decline in DDoS attacks in general, (noting no recordings of a single amplification attack in Q1 2017) they conclude that DDoS effectiveness is steadily declining and may even become a thing of the past. Even though as mentioned earlier regarding encryption based attacks, those types of attacks do not seem to be having a large enough impact. Yet.
For more info, please visit: https://securelist.com/ddos-attacks-in-q1-2017/78285/