Distributed denial of service attacks, which took down the websites of at least two credit unions in 2013, continued to show up in large numbers through the end of the year.
According to Fort Lauderdale, Fla.-based mitigation specialist Prolexic, the total number of attacks it detected increased 2% from the third quarter to the fourth quarter of 2013.
The company said infrastructure attacks accounted for 76.76% of total attacks during the quarter, with application layer attacks making up the remaining 23.24%. Both kinds of attacks flood a website server or other infrastructure with meaningless data requests or other inputs, enough to take the site down.
Concern grew in 2013 that the attacks, which at first seemed to intend to disrupt an organization, often for political reasons, had become a way to distract IT staff while criminals inserted malware or drained online accounts.
According to Prolexic’s Q3 2013 Global DDoS Attack Report, the average attack duration in the final three months was 22.88 hours, and the company’s specialists “mitigated extremely large bandwidth attacks and in some cases, highly sophisticated, multi-vector attacks.”
Meanwhile, the company’s PLXsert engineering team noted that mobile applications grew in use, including an Android-based application that was used in a DDoS attack against a large Prolexic client.
“The use of mobile applications in DDoS attacks is an emerging trend that PLXsert expects to become more prevalent in 2014, as many of these opt-in apps can be downloaded from online app stores and no experience is required to use them,” the company’s report said.
Prolexic also said that as the year ended, the United States replaced China at the top of the top 10 source countries list for DDoS attacks it detected. But overall, the report said Asian countries – Thailand and South Korea already are at the top of the list – are emerging as the main source of the world’s DDoS attacks.
Techniques that allow attacks to be greatly amplified in volume also are being developed, and Prolexic called on the security community as a whole to address the problem of unprepared host servers.
“So what will 2014 bring? We hope so to see researchers continuing their efforts on misconfigured host cleanup, thereby putting a dent in the attackers’ amplification arsenal,” the Prolexic report concluded.
“We hope that security organizations continue to work with carriers. (And) there are communities that will continue to keep the Internet usable for everyone. At the same time, we are aware that malicious actors will continue to abuse these services and will research more ways and protocols that can be abused.”