NSFOCUS, provider of enterprise-level solutions and services for distributed denial of service (DDoS) mitigation, Web security and network security has released their mid-year 2013 DDoS Threat Report with the aim of educating the broader IT industry about observations and trends regarding DDos attacks.  The overall highlights of the report suggest DDoS attacks while shrinking in length, are gaining in the number of attacks and becoming increasingly profit-driven.

The report was put together by the company’s Security Research Academy, an in-house team of anti-DDoS analysts (larger than the entire staffs of Prolexic and Arbor Networks combined).  In compiling the report, NSFOCUS’ Security Research Academy observed and researched 168,459 DDoS incidents from around the globe.  Among the incidents observed, the research team analyzed 90 attacks that were reported on by media outlets.  These 90 attacks have been traced back to such international hacker groups as Izz ad-Din al-Qassam Cyber Fighters and Anonymous and include the infamous Spamhaus incident, described by some experts as the “biggest cyber attack in history.”

While large enterprises and organizations often crowd the headlines, small to medium enterprises and businesses are not exempt from DDoS threats. Based on traffic analysis, the findings reveal there is an average of 1.29 DDoS attacks occurring worldwide every two minutes with the majority of attacks being short and small. The report found that 93.2 percent of DDoS attacks were less than 30 minutes in duration and 80.1 percent did not surpass a traffic rate of 50 Mbps.

If we were to consult the media it would seem cyber war and hacktivism incidents constitute the majority of DDoS attacks, yet the NSFOCUS research points otherwise.  Among the 90 major DDoS events reported by the media, hacktivism was the primary motivation behind 91.1 percent of attacks. However, this percentage only reflects the microscopic focus of the media and does not account for the over 168,000 incidents which were researched and observed around the globe.  When we look at the big picture we find in reality; it’s attacks motivated by profit-driven competition, ransom and extortion, such as competition in the online gaming industry, which becomes the true enterprise threat – and actually comprises the majority of all DDoS attacks.

Not only are profit-driven attacks on the rise, but they seem to be on repeat as well.  The cheap cost of  DDoS-for-hire (botnet rental) and the willingness of websites lacking defense capabilities to pay ransom have contributed to a trend of repeat attacks. It was found that in 2013, 68.7 percent of victims suffered multiple attacks, which was up by nearly 30 percent compared with 2012.  Meanwhile, only 31.3 percent suffered a single DDoS attack, down from 50.7 percent the year prior. NSFOCUS expects the trend of cyber criminals attacking the same target multiple times will continue to grow over the second half of 2013.

According to report statistics, while the amount of DDoS attacks fluctuates on a monthly basis, the overall trend of attack incidents is on the rise year after year. It seems profit-driven cybercriminals are becoming increasingly drawn to utilizing the least amount of resources to cause the maximum damage and disruption to their victims. NSFOCUS also predicts that application layer attacks will become the most prevalent types of attacks now and in the future.

The report serves as a strong reminder that ineffective data management and an inadequate network can leave a company at risk for DDoS attacks.   A variety of solutions are available including the NSFOCUS Anti-DDoS System (ADS) which serves to empower customers to find and fend off a variety of incidents, from simple network layer attacks to more sophisticated and potentially damaging application-layer attacks, all while guaranteeing legitimate traffic gets through to networks and corporate-critical systems.  Whether you are a small or large enterprise it is important to be aware of the on-going threat of recurring and ransom-ridden DDoS attacks.  By taking proactive measures to secure your network and seeking out a solution that fits your businesses’ needs, you can better protect yourself from DDoS attacks which for the short future, don’t seem to show any signs of slowing down.