The new peak value for DDoS attacks has changed yet again, with the new top value being 579 Gbps, recorded by Arbor Networks during the first half of the year.
The previous maximum value was 500 Gbps , detected at the end of 2015, the start of 2016, also by Arbor Networks a company that provides various security services, among which is DDoS mitigation.
Low-and-slow DDoS attacks account for 80 percent of all DDoS attacks
The company released today its report on the state of the DDoS landscape for the first half of the year. The report shows that despite a growth regarding the peak values which DDoS attacks can reach, the average value of an attack is only 986 Mbps, something that could very easily be deflected by a company that employs dedicated DDoS mitigation infrastructure.
Arbor says that around 80 percent of the entire DDoS attacks detected in the first six months of the year were small to middle size, and only 46 attacks went above 200 Gbps and 274 attacks over 100 Gbps.
Almost all metrics are up compared to the same period of 2015, Arbor says, and in most cases, crooks didn't need complicated amplification attacks to reach peak values, with many using botnets built on top of modifications of LizardStresser , a simple toolkit created and open-sourced by the infamous Lizard Squad hacking crew.
DDoS landscape grows in sophistication and size
In fact, in the past year, there have been many incidents that have contributed to the overall growth of the DDoS landscape.
This includes the emergence of a massive DDoS botnet of 25,000 bots comprised of hijacked CCTV systems, the proliferation of sophisticated and cheap DDoS stressers , and the discovery of new DDoS reflection attack vectors via the DNSSEC and TFTP protocols.
Arbor says that in terms of reflection attacks, DNS has surpassed NTP and SSDP, and has become the prevalent (abused) protocol in the first half of 2016.