New statistics show that the distributed denial-of-service (DDoS) attacks in the second quarter of 2014 have decreased both in intensity and frequency, compared to the first one.

The average size of the DDoS incidents recorded in Q2 2014 was of 759.83 Mb/s, 47% less compared to the first quarter of the year, while the peak reached just 154.69 Gb/s, a little more than half of what was recorded in Q1.

The data comes from Arbor Networks, a company providing DDoS mitigation solutions for enterprise and service provider networks.

Their systems registered a fall in the number of NTP reflection attacks, a fact that was probably caused by the continued efforts of multiple entities in the security industry to raise awareness about the flaw in the Network Time Protocol allowing amplification of a DDoS.

However, although incidents leveraging NTP amplification are dwindling, there are still reasons of concern, as they continue to be significant.

According to telemetry from Arbor Networks, the largest NTP attack in the second quarter of 2014 lasted for 25 minutes, it was 154GB large and it targeted a victim in Spain.

It appears that the amount of attacks driving more than 100Gb/s of junk data to the systems of a victim dropped to 39, while in the first quarter the number was almost twice as large (72).

In June 2014, the average of NTP amplification was 32.3Gbps, a figure that is nothing compared to the 351.64 Gbps recorded in February this year.

Most of the incidents had a duration consistent with the telemetry from the first months of the year, lasting less than an hour. However, the average has increased from 60 minutes in Q1, to 72 minutes.

As far as the sources of the attacks are concerned, Arbor Networks puts South Korea in the leading place; the information takes into consideration the fact that the origin of 34% of the incidents could not be determined because of data anonymization or distribution. The U.S. came in second and China took the third spot.

The most targeted victims have been located in the same countries, but the order is different, with U.S. in the first place, followed by China and South Korea.

The company also offers some year on year information, revealing a clear increase in both the duration of the attacks and their intensity. So far, the largest volumetric DDoS attack in 2014 lasted for four hours and 22 minutes and was 325Gb/s in size (NTP); the victim was located in France.

The largest application layer attack recorded no less than 94.42 Mpps, was conducted over port 80 and lasted for 7 minutes; the victim was from the United States.
Kepler Reviewed by Kepler on . DDoS Attacks Decrease in Q2 2014, Compared to Q1 http://i1-news.softpedia-static.com/images/news-700/Volumetric-DDoS-Attacks-Decrease-in-Q2-2014-Compared-to-Q1.jpg New statistics show that the distributed denial-of-service (DDoS) attacks in the second quarter of 2014 have decreased both in intensity and frequency, compared to the first one. The average size of the DDoS incidents recorded in Q2 2014 was of 759.83 Mb/s, 47% less compared to the first quarter of the year, while the peak reached just 154.69 Gb/s, a little more than Rating: 5