Australian DDoS attack size beats APAC average

Average attack size was 1.25Gbps in Q1 of 2015

The size of distributed denial of service (DDoS) attacks in Australia continues to be larger than the Asia Pacific average according to a new report by Arbor Networks.

The vendor found that the average DDoS attack in Q1 of 2015 was 1.25Gb/s, compared with the APAC average of 483.65Mb[s.

This was a dip from Q4 of 2014 where the average DDoS attack in Australia was 1.34Gbps.

The average APAC attack size was 500.68Mbps.

The average attack length in Q1 against Australian networks was 22 minutes versus 46 minutes in APAC.

“The short duration of attacks reported in Q1 is interesting. Short bursts of DDoS attack activity require automated defences to protect against them,” Arbor Networks Australia country manager Nick Race said.

“Operators in Australia absolutely should take note. On-premise DDoS protection is essential for both detection and mitigation of attacks, enabling bad traffic to be scrubbed in an immediate and automated fashion.”

While attacks against Australia continue to increase, he said that Australian ISPs have done a good job of protecting their borders and putting anti-spoofing filters in place.

“Australia is in the fortunate position that we have enough inbound capacity that we can work around those attacks. Having anti spoofing filters at the edge of the ISP network is one thing that will stop these types of amplification attacks,” he said.

Read more: Gaming companies hit the hardest by DDoS attacks in Q4 2014: Akamai

Simple Service Discovery Protocol (SSDP) topped the list of reflection attacks in Q1 against Australia with the largest SSDP attack reported at 26Gbps.

Last year Arbor Networks senior security engineering and response team (ASERT) analyst Roland Dobbins told Computerworld Australia that DDoS attacks are sometimes being used by gamers to settle disputes and by people with rudimentary hacking skills to target companies.

“The main characteristic of these attacks is that they are huge. The biggest one we have seen so far was 400Gbps. Because these attacks are so large, they fill up the pipes of Internet service providers [ISPs], the peering and transit links,” he said.

Follow Hamish Barwick on Twitter: @HamishBarwick

Follow Computerworld Australia on Twitter: @ComputerworldAU, or take part in the Computerworld conversation on LinkedIn: Computerworld Australia

Join the TechWorld newsletter!

Error: Please check your email address.

Tags arbor networksDDoS attacksdistributed denial of service (DDoS)

More about APACArbor NetworksRoland

Show Comments
[]