Second quarter sees an 18 percent rise in DDoS attacks
In the second quarter of 2019, the total number of DDoS attacks grew by 18 percent, compared to the same period in 2018 according to a new report from Kaspersky.
There is, however, a drop compared to the first quarter of this year, with attacks down 44 percent. Kaspersky attributes this to seasonal variation with DDoS attack usually declining in late spring and summer.
The seasonal decrease only had a negligible effect on the number of attacks on the application layer though, these reduced by just four percent compared to the previous quarter. These type of attacks target certain functions or APIs of applications in order to consume not only network, but server resources as well. They are also harder to detect and protect from, as they include the performing of legitimate requests. When compared with Q2 2018, the volume of this type of attack has increased by nearly a third (32 percent) and the share of such attacks in Q2 2019 has risen to 46 percent. This is a nine percent increase in share over the first quarter of the year, and 15 percent more in the same period of 2018.
"Traditionally, troublemakers who conduct DDoS attacks for fun go on holiday during the summer and give up their activity until September," says Alexey Kiselev, business development manager on the Kaspersky DDoS Protection team. "However, the statistics for this quarter show that professional attackers, who perform complex DDoS attacks, are working hard even over the summer months. This trend is rather worrying for businesses. Many are well protected against high volumes of junk traffic, but DDoS attacks on the application layer require to identify illegitimate activity even if its volume is low. We therefore recommend that businesses ensure their DDoS protection solutions are ready to withstand these complex attacks."
Among other findings are that analysis of commands received by bots from command and control servers shows that the longest DDoS attack of Q2 2019 lasted 509 hours -- almost 21 days. This is the longest attack since Kaspersky first started to monitor botnet activity in 2015. The previous record holder lasted 329 hours and was registered in Q4 2018.
Full details of the report are available on the Securelist blog.