As cybersecurity threats and concerns continue to mount, DDoS attacks are quickly increasing in size, scale and complexity, new figures show. According to data released by Arbor Networks, the first six months of 2016 have seen an escalation in Distributed Denial of Service attacks with the largest attack registering at a whopping 579Gbps - a 73% increase from the biggest DDoS attack in 2015.
DDoS attacks take place when a malicious group or individual floods a company's network with fake traffic in order to take it down. The attacks have become more commonplace due to readily available free tools and cheap online services that allow any resentful individual with a decent internet connection to launch an attack against a company's servers, if they choose to do so.
Gathering global data from over 300 internet service providers over a common platform called the Active Threat Level Analysis System, or ATLAS, the company monitored an average of 124,000 weekly DDoS attacks over the past 18 months.
During the first half of 2015, a total of 274 attacks over 100Gbps were monitored, a significant jump from the 223 attacks seen throughout 2015. A total of 46 attacks over 200Gbps were recorded in the first half of 2016 as well, compared to 16 that were found in all of 2015.
The study found that the average attack size observed in the first half of 2016 was 986Mbps, a 30% increase from 2015. By the end of 2016, the average attack size is estimated to be 1.15Gbps. For context, a 1 Gbps DDoS is said to be enough to knock most organisations' networks offline completely.
The United States, France and Great Britain were found to be the top targets for attacks over 10Gbps, the data showed.
"The data demonstrates the need for hybrid, or multi-layer DDoS defence," Darren Anstee, chief security technologist at Arbor Networks, said in a statement. "High bandwidth attacks can only be mitigated in the cloud, away from the intended target. However, despite massive growth in attack size at the top end, 80% of all attacks are still less than 1Gbps and 90% of attacks last less than one hour."
"On-premise protection provides the rapid reaction needed and is key against 'low and slow' application-layer attacks, as well as state exhaustion attacks targeting infrastructure such as firewalls and IPS."