ddos and web applications attacks
DESCRIPTION
This helpful infographic details the statistics and trends related to DDoS and web application attack traffic as oberserved during Q2 2015. Q2 2015 saw 12 mega DDoS attacks over 100 Gigabytes-per-send (Gbps) – 100 percent year-over-year increase. Frequently targeted industries for DDoS attacks included gaming, media and entertainment. Web application attacks utilizing the Shellshock vector resurged over Q2 2015 by 49 percent. For more information, download the State of the Internet – Security Report at http://bit.ly/1gUtZFYTRANSCRIPT
Access the complete Q2 2015 state of the internet / security report at
www.stateoftheinternet.com/security-reportsStatistics based on attack campaigns mitigated by Akamai.
[state of the internet]
DDoS AND WEB APPLICATIONS
ATTACKSS T A T S & T R E N D S
A P R I L – J U N E 2 0 1 5
Q2 2015 [state of the internet] / secur i ty
DDoS ATTACKS
WEB APPLICATION ATTACKS
TRENDS
OTHER
11.5
13.6
15.8
16.016.1
8.7
8.7
9.4
DNS
HTTP GET(Often abuses
WordPress andJoomla websites)
NTP
UDP
UDP FRAGMENT
SSDP(Abuses UPnP devices in homes)
SYN(Often used in the largest attacks)
SOURCES AND TARGETS
QUICK TAKEAWAYS
Record number of attacks
Generally less powerful
Longer lasting
Multi-vector DDoS
12 mega attacks > 100 Gbps(versus 6 in Q2 2014)
TOP DDoSVECTORS
(BY PERCENTAGE)
MOST TARGETED INDUSTRY TARGETED INDUSTRIES
12 MEGAATTACKSGREATER100
GbpsTHAN
249 Gbps
LARGESTBANDWIDTHDDoSATTACK
7 Gbps
AVERAGEATTACK
AVERAGEATTACK7 Mpps
HIGHESTVOLUMEDDoS ATTACK214 Mpps
Mpps
50%2 OR MOREVECTORSMOST COMMON:SYN & UDP WITHEXTRA DATAAND PADDING
50%1 VECTOR
TOP 3 WEBAPPLICATION ATTACKS
LESS POPULAR ATTACKS: REMOTE FILE INCLUSION, PHP INJECTION, COMMAND INJECTION,JAVA INJECTION, MALICIOUS FILE UPLOAD, CROSS-SITE SCRIPTING
OF THEM USEDSHELLSHOCKTO TARGET ONEFINANCIALSERVICESFIRM (95%)
49 PERCENT
21.5
37.0
17.910.2
7.4
6.0
OTHER
SPAIN
INDIA
UK
TOP 5SOURCE
COUNTRIES(BY PERCENTAGE)
US
CHINA
10.0
51.0
15.0
11.0
7.0
6.0
OTHER
RUSSIA
GERMANY
BRAZIL
US
TOP 5SOURCE
COUNTRIES*(BY PERCENTAGE)
CHINA
132%
11% 77%
122% 134% 19% 100%
COMPARED TO Q2 2014
7% 18% 6%15% 24%
17%
50%
COMPARED TO Q1 2015
More than half of all web application attacks were sent over HTTPS.
Half of HTTPS attacks were Shellshock.
Applicationlayer DDoS
attacks
Averagepeak
bandwidth
Averagepeak
volume
TotalDDoS
attacks
Infrastructurelayer
attacks
Averageattack
duration
Totalattacks >100 Gbps
of web application attacks targeted US sites
*Based on last hop
THREAT ADVISORY DOWNLOADS
The Akamai platform consists of more than 200,000 servers in more than 100 countries around the globe and regularly transmits between 15 – 30% of all
Internet traf�c. In February 2014, Akamai added the Prolexic network to its portfolio, a resource speci�cally designed to �ght DDoS attacks. This report draws its
data from the two platforms in order to provide information about current attacks and traf�c patterns around the globe.
80%
OTHER – 7% LOCAL FILE INCLUSION – 18% SQL INJECTION – 26%SHELLSHOCK – 49%
56 PERCENT
GAMINGX
INTERNET& TELECOM
X
GAMINGX
MEDIA &ENTERTAINMENT
X
FINANCIALSERVICES
X
SOFTWARETECHNOLOGY
X
20.6 HRS
AV
ERAGE DURATION
352.55MILLI NATTACKS
OurMine Team RIPv1 re�ectionDDoS
Logjamvulnerability
Third-party WordPressplugin vulnerabilities DD4BC
MOST TARGETED INDUSTRIES
RETAIL ANDFINANCIALSERVICES
X