Connect with us

Hi, what are you looking for?

HEADLINES

Kaspersky releases lab report on DDoS attacks in Q1 2017

The first quarter of 2017 has confirmed the forecasts about the evolution of DDoS attacks made by Kaspersky Lab experts following the 2016 results. It also demonstrates that cybercriminals need a rest too.

The first quarter of 2017 has confirmed the forecasts about the evolution of DDoS attacks made by Kaspersky Lab experts following the 2016 results. It also demonstrates that cybercriminals need a rest too.

Despite the growing popularity of complex DDoS attacks continuing into the first quarter, there was a noticeable decline in the number of overall attacks and a change to how they were dispersed by country.

In the first quarter of 2017, the Kaspersky DDoS Intelligence system* recorded DDoS attacks against resources in 72 countries, which is eight less than in the fourth quarter of 2016. The Netherlands and the UK replaced Japan and France among the top 10 countries with the most DDoS victims.

South Korea remained the leader in terms of the number of detected C&C servers. The US came second in this respect, followed by the Netherlands, which dislodged China from the top three for the first time since monitoring began.

Advertisement. Scroll to continue reading.

The latter dropped from second to seventh place. Japan, Ukraine and Bulgaria all left the top 10 ranking of countries with the highest number of C&C servers. They were replaced by Hong Kong, Romania and Germany.

Distribution by operating system also changed in Q1 2017. In the previous quarter, Linux-based IoT botnets were the most popular, but they were squeezed out by Windows-based botnets, whose share grew from 25% to 60% in the first quarter.

The number of TCP, UDP and ICMP attacks increased considerably, while the share of SYN DDoS and HTTP attacks declined from 75% in the fourth quarter of 2016 to 48% in Q1.

During the reporting period, not a single amplification-type attack was registered, while the number of encryption-based attacks grew. This is in line with last year’s forecasts about a shift in DDoS from simple, powerful attacks to attacks that are difficult to identify using standard security tools.

Overall, the quarter was relatively quiet: the largest number of attacks (994) was observed on 18 February. The longest DDoS attack in Q1 2017 only lasted 120 hours, which is significantly lower than the previous quarter’s maximum of 292 hours.

Advertisement. Scroll to continue reading.

“There’s typically a pronounced decline in the number of DDoS attacks at the beginning of the year, and this trend has continued now for five years. This may be due to cybercriminals or their clients taking a break. However, despite this now familiar downturn, we still recorded more attacks between January and March of this year than we did in the first quarter of 2016, which confirms the conclusion that the overall number of DDoS attacks is growing. So now is not the time to let your guard down; rather, it’s better to take care of your protection before the cybercriminals get back to their usual work routine,” comments Kirill Ilganaev, Head of Kaspersky DDoS Protection at Kaspersky Lab.

Kaspersky DDoS Protection combines Kaspersky Lab’s extensive expertise in combating cyber threats and the company’s unique in-house developments. The solution protects against all types of DDoS attacks regardless of their complexity, strength or duration.

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

The exploit, discovered by Kaspersky’s Global Research and Analysis Team (GReAT), required no user interaction beyond clicking a malicious link and demonstrated exceptional technical...

HEADLINES

This recognition underscores Kaspersky's commitment to providing robust security solutions tailored for industrial environments.

HEADLINES

At the end of 2023, Sophos X-Ops noted a significant increase in ‘remote encryption’ attacks – where ransomware attackers breach a compromised and often...

HEADLINES

With the launch of KATA 7.0, organizations can now benefit from enhanced Network Detection and Response (NDR) capabilities with deeper network visibility, internal threats...

HEADLINES

In 2024, Globe blocked 3,096 child pornography domains or those containing child sexual abuse and exploitation materials (CSAEM), a slight increase from 3,047 domains restricted...

HEADLINES

During a recent webinar on Building Resilience Against Online Scams, hosted by fiber broadband and technology provider Converge ICT Solutions Inc., its Chief Executive...

HEADLINES

In 2024, Kaspersky restructured its Partner Program into four key partner types, recognizing the diverse profiles within its network – from traditional resellers and...

White Papers

The study tested 2,000 UK and US consumers, exposing them to a series of real and deepfake content. The results are alarming: only 0.1%...

Advertisement