Incapsula, the DDoS experts at Imperva, have warned that DDoS offender capabilities have rapidly evolved over the past year, enabling them to launch bigger attacks than ever before.
According to the firm, the shift in the threat landscape is being driven by the emergence of botnets leveraging lax password management practices and security vulnerabilities found in IoT devices.
The IoT botnet footprint was evident in attacks mitigated by Imperva Incapsula in Q4 2016. A massive 650Gbps assault was most noteworthy, the largest to ever be mitigated by its service.
Persisting for over 29 days, last quarter Incapsula also thwarted the longest network layer attack of the year. And they saw the number of application layer attacks reach a new record, with an average of 889 assaults per week.
Another notable development was the high amount of botnet activity originating in China. The data shows that 78.5 percent of application layer DDoS attacks against Incapsula customers came from IPs located there—the most ever recorded since periodic reporting began in Q3 2015.
Other key findings include:
Application layer attacks became more common. The number of attacks in Q4 reached an all-time high, with an average of 889 application layer assaults per week. One such attack lasted for more than 47 days, the longest one recorded.
Attack frequency scaled up – On average, 58.3 percent of websites were targeted more than once, with 13.1 percent being targeted more than ten times.
China continued to be a dominating hub of botnet activity, with some 78.5 percent of DDoS attacks worldwide originating from IPs in China.
US, UK and Netherlands top attacked country list, drew 74.9 percent of all attacks (With the US accounting for 56.7 percent of attacks).
"DDoS offender capabilities have rapidly evolved over the past year, enabling them to launch bigger attacks than ever before,” said Igal Zeifman, director at Imperva Incapsula.