India Is 4th Largest Victim Of DDoS Attacks; Web Application & Gaming Favorite Targets For Criminals – Akamai
Denial of Service Attacks (DDoS) has doubled in the last three months; and India has emerged as 4h largest victim of these attacks. India accounted for 7.43% of all DDoS attacks, whereas with 37.01%, China is the top victim.
US shared 17.88% while UK had 10.21% of all DDoS attacks happening globally.
These stats were shared by Akamai in their State of the Internet Security Report for Q2 2015.
During Q1 of 2015, India accounted for 6.93% of all DDoS attacks in the world, which has increased to 7.43% in Q2 of 2015.
Compared to Q2 of 2014, DDoS attacks all over the world have increased by 132.43%. Here is a breakdown:
Application layer (Layer 7) DDoS attacks: Increase of 122.22%
Infrastructure layer (Layer 3 & 4) attacks: Increase of 133.66%
Average attack duration: Increase of 18.99%
Average peak bandwidth: Decrease of 11.47%
Average peak volume: Decrease of 77.26%
Web applications being used in Internet and Telecom niche experienced severest of attacks, as out of 12, 10 massive attacks were targeted for websites in this niche. Gaming niche is at #2, among favorite niches for criminals to wreck havoc.
However, if we dissect the report as per volumes of DDoS attacks on various sectors, then Gaming emerged as the #1 victim of such attacks with a whopping 35.2% share, compared to 27.7% shared by Software and Tech niche.
Interestingly, 56% of all attacks were targeted for https sites, whereas 44% were for http sites; which means that https hasn’t been able to stop the flow of attacks. In Q1 of 2015, only 9% of the attacks happened on https servers.
While the volume of such attacks is increasing, the quality has also substantially improved, signifying that attackers are now more focused and empowered.
As per the report, during the last quarter, 12 attacks peaking at more than 100 Gigabits per second (Gbps) and five attacks peaking at more than 50 Million packets per second (Mpps) occurred. The largest such attack measured 240 gigabits per second (Gbps) speed and continued for more than 13 hours.
China is strangely both the largest source and target of attacks on web applications. 51% of all DDoS attacks happening globally had China as the source, whereas US gave birth to 15% of all attacks. Brazil has emerged as the new destination for hackers as it accounted for 11% of all DDoS attacks.
The most common form of DDoS attacks were SYN and Simple Service Discovery Protocol (SSDP), which accounted for 16% of all attacks, globally.
Some more interesting data:
- Two new attack vectors were discovered this quarter: Shellshock and cross-site scripting (XSS)
- 49% of all web application analyzed had the vulnerability of Shellshock; but 95% of the attacks under this vector was directed towards one single financial services portal
- SQL Injection accounted for 26% of all attacks
- Local file inclusion (LFI) method of DDoS attacks has dropped this quarter, as it accounted for only 18% share. Last quarter, it was the top preferred method.
- Other upcoming methods of DDoS attacks are: Remote file inclusion (RFI), PHP injection (PHPi), command injection (CMDi), OGNL injection using OGNL Java Expressing Language (JAVAi), and malicious file upload (MFU) attacks
- Akamai tested 1300 WordPress plugins and themes, and found that 25 of them had atleast one new vulnerability; overall 49 potential exploits were detected among WordPress based apps.
You can find the complete reports here.