stateoftheinternet.com

[Q3 2014 ]

= compared to [Q2 2014]

• High-bandwidth attacks (greater than 100 Gbps) jumped 183 percent

• All high-bandwidth attacks used a SYN flood among multiple attack vectors

• Multi-vector attacks are increasing due to ease of use and availability of toolkits available through the DDoS-for-hire underground

• The number of infrastructure-layer attacks was up 2 percent

• Infrastructure-layer attacks represented 89 percent of all DDoS attacks

• Duration of attacks was up 29

2 / [state of the internet] / security (Q3 2014)

= the trend toward larger attacks

What is driving larger attack sizes? • Attackers are taking a force not technique approach. ⁄ Previous attack trends favored reflection-based attacks using protocols such as

NTP, SNMP, DNS, and CHARGEN

⁄ Malicious actors are choosing attack tools that focus on SYN and UPD payloads with long attack campaigns

⁄ The largest attacks used traditional botnet-based methods

• Multi-vector attacks are becoming the norm ⁄ More than half of all DDoS attacks used multiple attack vectors

⁄ Easy-to-use attack toolkits make sophisticated multi-vector attacks available to a larger number of malicious actors

• Evolving reflection-based attacks may also be used to generate high-bandwidth DDoS attacks

3 / [state of the internet] / security (Q3 2014)

= compared to [Q3 2013]

• Attacks were larger and longer than the same quarter a

year ago Average attack bandwidth increased 389 percent

Peak packet-per-second volume increased 366 percent.

Heavy bandwidth consumption with increased packet rate shows the growing

sophistication of DDoS attacks

Multi-vector attacks increased 9 percent

Application layer attacks decreased 44 percent

Infrastructure layer attacks increased 43 percent.

Total DDoS attacks increased 22 percent

• 2014 will likely set a record for number of DDoS attacks

4 / [state of the internet] / security (Q3 2014)

= distribution of DDoS attack vectors

5 / [state of the internet] / security (Q3 2014)

= geographical source of Q3 2014 attacks

China and the U.S. continue to lead in the number of DDoS attacks Attacks from China decreased from 62 percent of malicious traffic in Q3 2013 to

20 percent Brazil’s share of DDoS traffic saw a dramatic increase, to 18 percent of the total,

compared with 8 percent in Q3 2013

6 / [state of the internet] / security (Q3 2014)

= target industries in Q3 2014

7 / [state of the internet] / security (Q3 2014)

= targeted industries: analysis

• As in Q2 2014, gaming was the most-targeted industry

⁄ Targeted in 33 percent of attacks

• Media was second-most targeted at 24 percent

⁄ Increased from 15 percent in Q2

• Media-focused attacks tend to coincide with political and civil

issues in the news

• Software and technology firms were targeted in 19 percent of

attacks

• Financial services, including banks and trading platforms,

accounted for 9 percent of attacks

⁄ Continues a trend from Q2 2014 of fewer attacks in this industry

8 / [state of the internet] / security (Q3 2014)

= Q3 2014 state of the internet – security report

Download the Q3 2014 State of the Internet – Security Report, which includes: Analysis of DDoS attack trends

Bandwidth (Gbps) and volume (Mpps) statistics

Year-over-year and quarter-by-quarter analysis

Application layer attacks and infrastructure attacks

Attack frequency, size and sources

Where and when DDoSers strike

How and why attackers are building DDoS botnets from devices other than PCs

and servers

Details of a record-breaking 321 Gbps DDoS attack

Syrian Electronic Army (SEA) phishing attacks

• Learn more at www.stateoftheinternet.com/security-reports

9 / [state of the internet] / security (Q3 2014)

= about stateoftheinternet.com

• StateoftheInternet.com, brought to you by Akamai, serves as the home

for content and information intended to provide an informed view into

online connectivity and cybersecurity trends as well as related metrics,

including Internet connection speeds, broadband adoption, mobile

usage, outages, and cyber-attacks and threats.

• Visitors to www.stateoftheinternet.com can find current and archived

versions of Akamai’s State of the Internet (Connectivity and Security)

reports, the company’s data visualizations, and other resources

designed to put context around the ever-changing Internet landscape.

10 / [state of the internet] / security (Q3 2014)