United States of America 2020 was mostly about more: More frequent, faster, and complex attacks. There was one big exception, however: attack duration, which dropped more than 50 percent globally. Attacks were also more complex, as 15-plus vector attacks spiked 126 percent in popularity year over year. This adds up to some bad math for defenders: Shorter duration + increased complexity = less time to respond to increasingly difficult mitigation scenarios. This attack strategy will likely continue, further highlighting the vital role of advanced and automated DDoS technology. Impact Analysis We wanted to understand how much traffic traversing US infrastructure is due solely to DDoS attacks. To find out, we created the DDoS Attack Coefficient (DAC). DAC represents the total sum of DDoS traffic traversing any given region or country in one minute. This allows us to identify the DDoS attack traffic observed by NETSCOUT traveling in and out of the country for the past six months at any point in time. Here, you can clearly see the massive jump in both bandwidth and throughput during March, the height of the pandemic lockdown. DDoS Statistics Attack frequency Max throughput Average duration 13% 23% 21% Size Speed Duration Attack types 427.5 GBPS 36.1 MPPS 892 SEC TCP ACK TCP SYN/ACK Largest Attack Top Five Vectors Attacks by Vector Max number of vectors seen in a single attack This number has been steadily increasing since 2017. 24 VECTOR # OF ATTACKS TCP SYN 245,842 TCP ACK 209,394 TCP RST 197,197 DNS Amplification 178,724 ICMP 171,851 Key Metrics from the 1H 2020 NETSCOUT Threat Intelligence Report The DDoS Chronicles US 600 800 1000 1200 January February June 4% 741.1 Gbps 711.2 Gbps March 14% 615.1 Gbps April 15% 705.4 Gbps 47% 1071.9 Gbps May 3% 728.2 Gbps Gbps 100 200 300 400 500 January 248.3 Mpps March 169% 477.6 Mpps February 29% 177.3 Mpps April 55% 215.2 Mpps May 86% 401 Mpps June 38% 249 Mpps Mpps BANDWIDTH IMPACT PERCENTAGE CHANGE THROUGHPUT IMPACT PERCENTAGE CHANGE
2
Embed
MPPS 892 · in the USA and/or other countries. All other brands and product names and registered and unregistered trademarks are the sole property of their respective owners. SECR_015_EN-2001
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
United States of America
2020 was mostly about more: More frequent, faster, and complex attacks. There was one big exception, however: attack duration, which dropped more than 50 percent globally. Attacks were also more complex, as 15-plus vector attacks spiked 126 percent in popularity year over year. This adds up to some bad math for defenders: Shorter duration + increased complexity = less time to respond to increasingly difficult mitigation scenarios. This attack strategy will likely continue, further highlighting the vital role of advanced and automated DDoS technology.
Impact Analysis
We wanted to understand how much traffic traversing US infrastructure is due solely to DDoS attacks. To find out, we created the DDoS Attack Coefficient (DAC). DAC represents the total sum of DDoS traffic traversing any given region or country in one minute. This allows us to identify the DDoS attack traffic observed by NETSCOUT traveling in and out of the country for the past six months at any point in time. Here, you can clearly see the massive jump in both bandwidth and throughput during March, the height of the pandemic lockdown.
DDoS Statistics
Attack frequency
Max throughput
Average duration
13%
23%
21%
Size
Speed
Duration
Attack types
427.5 GBPS
36.1 MPPS
892 SEC
TCP ACK TCP SYN/ACK
Largest Attack
Top Five Vectors
Attacks by Vector
Max number of vectors seen in a single attack
This number has been steadily increasing since 2017.
24
VECTOR # OF ATTACKS
TCP SYN 245,842
TCP ACK 209,394
TCP RST 197,197
DNS Amplification 178,724
ICMP 171,851
Key Metrics from the 1H 2020 NETSCOUT Threat Intelligence Report
The DDoS Chronicles
US
100
200
300
400
500
600
800
1000
1200
January February
June
4%741.1 Gbps
January248.3 Mpps
711.2 Gbps March14%
615.1 Gbps
March169%
477.6 Mpps
February29%
177.3 Mpps
April55%
215.2 Mpps
May86%
401 Mpps
June38%
249 Mpps
April15%
705.4 Gbps
47%1071.9 Gbps
May3%
728.2 Gbps
Gbp
sM
pps
100
200
300
400
500
600
800
1000
1200
January February
June
4%741.1 Gbps
January248.3 Mpps
711.2 Gbps March14%
615.1 Gbps
March169%
477.6 Mpps
February29%
177.3 Mpps
April55%
215.2 Mpps
May86%
401 Mpps
June38%
249 Mpps
April15%
705.4 Gbps
47%1071.9 Gbps
May3%
728.2 Gbps
Gbp
sM
pps
BANDWIDTH IMPACT PERCENTAGE CHANGE
THROUGHPUT IMPACT PERCENTAGE CHANGE
The Big PictureExplore the full 1H 2020 NETSCOUT Threat Intelligence Report to find the latest research into trends and activities across the global DDoS threat landscape.