DDoS Attacks: Trends show a stronger threat in 2015

DDoS AttackRecent DDoS attacks reveal a threat that is growing stronger and more widespread. The trend will likely continue in 2015.

The number of DDoS attacks nearly doubled year-over-year in Q4 2014, increasing 90%, according to the State of the Internet report.

The force of the attacks also grew. Researchers in Hong Kong saw attacks that peaked at 500 Gbps in late 2014. That’s five-times greater than the 100 Gbps record set in 2012.

Below, you’ll see some of the largest recent DDoS attacks and what you can expect in 2015.

Recent DDoS attacks 2014 and 2015

Record-breaking 500 Gbps attack in Hong Kong

Independent media websites in Hong Kong received record-breaking DDoS attacks in late 2014. Peaking at 500 Gbps, the assaults were about 25% stronger than the previous record of 400 gigabits per second set earlier in 2014.

“ larger than any attack we’ve ever seen,” said Cloudflare CEO Matthew Prince in an interview with Forbes. Cloudflare is a content delivery and distributed DNS provider.

France swarmed after terror attack

Roughly 19,000 French websites were hit in the week following the Jan 2015 terrorist attacks on the offices of French magazine Charlie Hebdo. Most were minor DDoS attacks, but the scale gave pause to France’s military head of cyber defense, Adm. Arnaud Coustilliere.

“This is the first time that a country has been faced with such a large wave of cyber-contestation,” he told the Associated Press.

PlayStation Network and Xbox Live hit at Christmas

Major DDoS attacks struck Sony’s PlayStation Network and Microsoft’s Xbox Live online gaming services on Christmas Day 2014. Both services came offline for several days during a critical time of year for customers

The attack was allegedly a misguided marketing stunt by a group of hackers. The group hoped to sell its DDoS attack service to the general public, using the assaults on Microsoft and Sony to spur interest.

Despite the impact of these attacks, they are frighteningly easy to launch.

DDoS attack trends in 2015

We predict these attacks will continue to spread throughout the year.

1. Attacks will grow in number

The growing number of DDoS attacks shows no sign of slowing. The attacks on Xbox Live and PlayStation Network are less than two months behind us. Attacks also recently hit the Dutch government and British social services.

DDoS-for-hire services, as covered by Brian Krebs, are multiplying. A growing number of vulnerable devices are joining the internet (see more below). Looking at these trends, we expect even more DDoS attacks in 2015.

2. Attacks will grow in power

Ten years ago, the most powerful DDoS attack peaked at 8 Gbps. Today, the number is more than 60-times greater at roughly 500Gbps. The new record is 25% higher than the previous record of 400Gbps, set in Feb. 2014 only nine months earlier.

As hackers improve their tactics, and as vulnerable devices continue to jump online, we expect to see even stronger DDoS attacks in 2015.

3. Attacks will be fueled by IoT vulnerabilities

A jaw-dropping 25 billion connected devices will create the Internet of Things (IoT) by 2020, according to Gartner estimates.

As televisions, refrigerators, thermostats, and other devices connect to the IoT , many of them have little or no security to prevent malware infections. The result: many of the “smart” devices end up as mindless drones in a hacker group’s botnet.

This, combined with the continued lack of security in home routers and steady discovery of widespread vulnerabilities, is expected to give hackers more firepower to harvest botnets and launch stronger DDoS attacks in 2015.


Related resources

Top Threats: Massive denial-of-service attacks

Top Threats: Heartbleed Bug in OpenSSL

Shellshock: New bug doesn’t shock IT service providers

Wireless Router Security is Dangerous: 6 Reasons

Written by Calyptix

 - February 17, 2015

About Us

Calyptix Security helps small and medium offices secure their networks so they can raise profits, protect investments, and control technology. Our customers do not waste time with security products designed for large enterprises. Instead, we make it easy for SMBs to protect and manage networks of up to 350 users.
call us
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram