Вы находитесь на странице: 1из 1

Q 2 2 0 1 5 [s t a t e o f the i nter n e t] / s ec ur it y

DDoS AND WEB


APPLICATIONS
ATTACKS
STATS & TRENDS
APRIL JUNE 2015

DDoS ATTACKS
QUICK TAKEAWAYS
Record number of attacks
Generally less powerful
Longer lasting
Multi-vector DDoS
12 mega attacks > 100 Gbps
(versus 6 in Q2 2014)

SYN
(Often used in the
largest attacks)

OTHER

16.0

16.1
DNS

TOP DDoS
VECTORS

8.7
8.7

HTTP GET
(Often abuses
WordPress and
Joomla websites)

15.8

SSDP
(Abuses UPnP
devices in homes)

(BY PERCENTAGE)

13.6

9.4

NTP

UDP FRAGMENT

11.5
UDP

12 MEGA
ATTACKS
GREATER

100

THAN Gbps
HIGHEST
VOLUME
DDoS ATTACK
214 Mpps

AVERAGE
ATTACK
7 Mpps

LARGEST
BANDWIDTH
DDoS
ATTACK

249 Gbps
AVERAGE
ATTACK

7 Gbps

Mpps

50%

50%
1 VECTOR

2 OR MORE

VECTORS

MOST COMMON:
SYN & UDP WITH

EXTRA DATA

AND PADDING

SOURCES AND TARGETS


TARGETED INDUSTRIES

E DURA
AG
TI
R
E

X
GAMING

X
SOFTWARE
TECHNOLOGY

ON

AV

MOST TARGETED INDUSTRY

X
GAMING

X
MEDIA &
ENTERTAINMENT

20
.6 H R S

X
FINANCIAL
SERVICES

X
INTERNET
& TELECOM

OTHER

21.5

TOP 5
SOURCE
COUNTRIES

6.0

SPAIN

(BY PERCENTAGE)

7.4

INDIA

10.2

UK

CHINA

37.0

17.9
US

TRENDS
COMPARED TO Q2 2014
11%

77%

132%
Total
DDoS
attacks

122%
Average
peak
volume

134%

19%

100%

Average Application Infrastructure Average


peak
layer DDoS
layer
attack
bandwidth
attacks
attacks
duration

Total
attacks >
100 Gbps

17%
7%

15%

24%

18%

6%

50%

COMPARED TO Q1 2015

WEB APPLICATION ATTACKS

352.55

MILLI N

ATTACKS
OF THEM USED

49

SHELLSHOCK

TO TARGET ONE

FINANCIAL

SERVICES

PERCENT

FIRM (95%)

TOP
3
WEB
APPLICATION ATTACKS
OTHER 7%
LOCAL FILE INCLUSION 18%
SQL INJECTION 26%
SHELLSHOCK 49%
LESS POPULAR ATTACKS:
REMOTE FILE INCLUSION, PHP INJECTION, COMMAND INJECTION,
JAVA INJECTION, MALICIOUS FILE UPLOAD, CROSS-SITE SCRIPTING

56
PERCENT

More than half of all web application


attacks were sent over HTTPS.
Half of HTTPS attacks were Shellshock.

MOST TARGETED INDUSTRIES

X
RETAIL AND
FINANCIAL
SERVICES

OTHER

10.0

RUSSIA

6.0
GERMANY

7.0

11.0

BRAZIL

TOP 5
SOURCE
COUNTRIES*

51.0

CHINA

(BY PERCENTAGE)

15.0

*Based on last hop

US

80

% of web application

attacks targeted US sites

THREAT ADVISORY DOWNLOADS


OurMine Team

RIPv1 reflection
DDoS

Third-party WordPress
plugin vulnerabilities

Logjam
vulnerability
DD4BC

The Akamai platform consists of more than 200,000 servers in more than
100 countries around the globe and regularly transmits between 15 30% of all
Internet traffic. In February 2014, Akamai added the Prolexic network to its portfolio,
a resource specifically designed to fight DDoS attacks. This report draws its
data from the two platforms in order to provide information about
current attacks and traffic patterns around the globe.

Access the complete Q2 2015 state of the internet / security report at

www.stateoftheinternet.com/security-reports
Statistics based on attack campaigns mitigated by Akamai.

[state of the internet]