Incident Response, TDR

DDoS attacks rage on, primarily impacting U.S. and Chinese entities

Organizations in the U.S. and China should be especially aware of distributed denial-of-service (DDoS) attacks, as more than half of them in Q2 of this year were aimed at the two countries.

Kaspersky Lab's “DDoS Intelligence Report Q2 2015” found that from April until the end of June this year, DDoS attacks impacted 79 countries, with most, 77 percent, affecting only 10 countries. In addition to China and the U.S., South Korea, Canada, Russia and France accounted for a large portion of attacks.

The cybersecurity company defined a single attack as an incident during which there was “no break in botnet activity lasting longer than 24 hours.” If the same entity was attacked by the same botnet but with a 24 hour gap in activity, the two incidents would be considered separate.

The longest attack recorded during this past quarter lasted 205 hours, or eight and a half days. The peak number of attacks clocked in at 1,960 on May 7, and the low, at 73 attacks, occurred on June 25.

The popularity of these attacks stems from the ease with which they can be arranged, said Andrey Pozhogin, senior product marketing manager at Kaspersky Lab North America, in emailed comments to

“Today, it is much easier to launch a DDoS attack,” he wrote. “Suddenly, you don't have to be an expert in the field – all the power and potential damage is available to you with a few clicks. It's also relatively cheap to commission a DDoS attack.”

He noted that some online services charge as little as $50 for an attack that can cause serious damage to a company's reputation, as well as financial losses. An average DDoS attack can range in cost to a company, depending on its size, anywhere from $52,000 to $444,000, Pozhogin said.

As far as days of the week to be attacked, Sunday was the most popular day, accounting for 16.6 percent of them, and Tuesday was the least popular with 12.1 percent.

Even as companies attempt to beef up their protection, it's nearly impossible to stay ahead of the attackers and their tools.

“As long as a company continues to focus on its core business it will not be able to match the resources poured into bypassing outdated protection and staying ahead of the attackers,” Pozhogin said.

That said, cybersecurity firms' technology can assist in keeping attackers at bay and enterprises' sites running, he reminded. 

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.