DDoS attacks declined in Q2 while Zeus, Storm and Heartbleed made their marks on security, an Akamai report on the state of the internet shows.
DDoS attacks declined in Q2 while Zeus, Storm and Heartbleed made their marks on security, an Akamai report on the state of the internet shows.

Even as the internet connectivity remained steady and average connection speed increased above broadband levels, the number of distributed denial-of-service (DDoS) attacks declined the second quarter of 2014, which was also marked by the discovery of the OpenSSL vulnerability Heartbleed.

According to Akamai's "Q2 2014 State of the Internet Report," the company's customers logged 270 DDoS attacks during the second quarter, a decline of 15 percent from the 283 attacks reported the quarter before. The downward trend, said Akamai, supports the finding of a Q2 global DDoS report from Prolexic, which Akamai acquired earlier this year. The Prolexic study found that volumetric attacks aimed at Layers 1-4 are on the rise but those targeting Layers 5-7 are on the downswing.

The study found that DDoS attacks were down globally but increased by 11 percent in the Americas, accounting for 57 percent of reported attacks. The news was better for the Asia Pacific, which marked the largest decline in DDoS attacks, dropping 23 percent from the first to the second quarter. That region accounted for 25 percent of DDoS attacks reported worldwide.

The number of attacks globally dropped, in part, because many of the attacks in Asia Q1 were related to political activity, Martin McKeay, security advocate at Akamai, told SCMagazine.com.

Attacks targeting the high tech sector rose 60 percent in the second quarter but those in the public sector declined by 54 percent. A decrease in the number of attacks on government, was “directly related to the situation in Singapore in the first quarter,” said David Belson, senior director of Industry and Data Intelligence at Akamai, calling the drop “more of a return to normal.”

The report noted that for the first time since it started tracking repeated attacks against targets, the number of those attacks declined from 26 percent to 18 percent. In fact, only two of the company's customers were hit more than five times — one of those was targeted seven times. 

However, that is a steep decline from the quarter before when the high was 17 attacks. 

“More companies received a second attack than before,” said Belson, explaining that attackers typically stopped there, by and large not returning for a third, fourth or fifth attack.

The second quarter was remarkable in that it saw an uptick in Simple Network Management Protocol (SNMP) reflection attacks, the emergence of Heartbleed and the proliferation of both Storm and Zeus.

Noting that “Akamai learned about Heartbleed slightly ahead of public notice of the vulnerability,” the report noted the company patched its Secure Content Delivery Networks on April 4 by disabling heartbeats and the next day patched its core HTTP content delivery network. After careful review, the company rotated customer certificates late on April l3 and began rotating ssl keys on April 14.