Content, Content

Akamai State of the Internet Report: Why DDoS Attacks Rose in 2Q17

Credit: Pixabay

The number of distributed denial of service (DDoS) attacks increased 28 percent in the second quarter of 2017, according to the "Second Quarter, 2017 State of the Internet/Security Report" from content delivery network (CDN) services provider Akamai Technologies. The increase took place after three consecutive quarters of decline.

Other findings from the Akamai report included:

  • The average company was targeted 32 times by DDoS attackers in the second quarter.
  • The incidence of web application attacks rose 5 percent on a quarter-over-quarter basis and 28 percent year over year.
  • The number of IP addresses involved in volumetric DDoS attacks fell 98 percent to 11,000.
  • Egypt was the origin of the greatest number of unique IP addresses used in volumetric DDoS attacks (44,198) and represented 32 percent of the global total.
  • The United States was the top source (112 million) and target (218 million) of web application attacks.

DDoS and web application attacks are cyclical, and organizations must take a proactive approach to plan ahead for the "next high tide of attack traffic," Akamai stated.

"We need to be planning for the future rather than reacting," Akamai said. "The more we can think about the future ... the better we are able to put in controls that are going to protect us today, tomorrow and into the future."

Who's to Blame for DDoS Attacks?

But who's to blame for all of these attacks? Some perspectives may surprise you. Sixty percent of IT security professionals blame their own security teams for the attacks, according to a survey conducted by DDoS protection solutions provider Corero Network Security.

In addition, 73 percent of survey respondents said they expect regulatory pressure to be applied against internet service providers (ISPs) that are perceived to be not protecting their customers against DDoS threats, Corero noted.

"There is a growing trend to blame upstream providers for not being more proactive when it comes to DDoS defense," Corero CEO Ashley Stephenson said in a prepared statement. "To help their cause, ISPs could do more to position themselves as leading the charge against DDoS attacks ... by offering more comprehensive solutions to their customers as a paid-for, managed service."

DDoS Mitigation Services Partnerships: The New Norm

The global DDoS protection and mitigation market is expected to expand at a compound annual growth rate (CAGR) of 21.3 percent between 2016 and 2021 and could be worth $2.16 billion by 2021, according to market research firm ReportsnReports. This projected market growth may lead to an increase in DDoS mitigation services partnerships over the next few years.

Cybersecurity and application delivery solutions provider Radware in July announced a partnership with TierPoint, a company that offers cloud computing, disaster recovery and other information technology and data center services. With the partnership, Radware provides TierPoint’s Managed DDoS Defense service via the Radware Attack Mitigation Solution, Radware said in a prepared statement.

Also, global data center provider Telehouse in July started offering Verisign's DDoS Protection Services to Telehouse customers via a reseller relationship with KDDI, Telehouse's parent company. This partnership enables Telehouse finance and enterprise customers and cloud and content service providers to safeguard their critical assets and minimize the risk of DDoS attacks, Telehouse stated.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.