Imperva has issued its quarterly DDoS Threat Landscape Report which reviewed the changes in DDoS attack patterns in Q3 2015. The report was compiled using data from 7,752 network and application layer assaults mitigated by Imperva Incapsula in Q3 2015.
Key findings from the study include:
- 100+ Gbps attacks became commonplace: A 100+ Gbps network layer attack was mitigated once every other day, with the largest one peaking at 260 Gbps. The largest application layer attack peaked at 268,800 requests per second.
- China cemented its status as the top attacking country: 37.5 percent of DDoS botnet traffic originated in China, making it by far the leading source country of attacks worldwide.
- Attackers focused fire on US and APAC hosted websites: US hosted websites were targeted by 45.8 percent of DDoS botnet traffic, making them the most attacked worldwide. APAC hosted websites were on the receiving end of 40.7 percent of botnet traffic.
- The increased sophistication of multi vector attacks: While the number of multi-vector attacks decreased from 44 percent in the second quarter, they increased in sophistication, with eight and nine vector assaults taking place.
- The resurgence of Baidu impersonators: After a huge decrease in Q2 2015, there was a resurgence in Baidu bot impersonators, most likely due to the increase in DDoS attacks out of China.
- Attacks grew shorter: The duration of network layer attacks was markedly down, with only four percent lasting more than three hours. Still, the longest one lasted for 31 days. The longest application layer attack lasted more than 20 days.
The report is available here.