During 4Q 16, peak attack size was 127Gbps and at a top speed of 50Mpps.
During 4Q 16, peak attack size was 127Gbps and at a top speed of 50Mpps.
Last year was not a great time for companies targeted by distributed denial of service attacks (DDoS) – with the average peak size increasing by 167 percent, according to a new report from VeriSign.

According to statistics that the domain name and data security provider recorded during the fourth quarter, the peak attack size was 127Gbps and at a top speed of 50Mpps (million packets per second). The good news from the report was that the total number of attacks dropped by five percent from the previous quarter.

The survey shows that more than half of VeriSign's customers who experienced a DDoS attack during the fourth quarter of 2016 were targeted multiple times. Some 87 percent of the attacks peaked at greater than 1Gbps while more than half, 52 percent, peaked at greater than 5Gbps.

For the year, each quarter was significantly higher than the corresponding quarter in 2015, although the first quarter of 2016 was by far the most active. The average peak attack size in 2016 was 11.2Gbps compared to the 6.02Gbps recorded a year earlier.

UDP flood attacks topped the list of the type of DDoS attacks. In the U.S., VeriSign noted that 52 percent of attacks were UDP floods, while 23 percent were IP fragment attacks, 16 percent were TCP-based, four percent were Layer 7 attacks, and five percent were described as “other.”

From an industry perspective, the IT services/cloud/SaaS vertical took the brunt of the fourth quarter DDoS attacks, VeriSign notes. The media industry, which topped the first and second quarters as the most attacked industries, came in second. The financial sector was the most popular DDoS target in the third quarter, but fell to third place in the final quarter of the year.  Interestingly, the e-commerce and online markets, which traditionally do their greatest amount of sales in the fourth calendar quarter, were the least hit segments in 2016.