Australian DDoS attacks last half as long, hit twice as hard as regional average

Australian targets are being hit by shorter, more intense distributed denial of service (DDoS) attacks that are, on average, the largest in the Asia-Pacific region, according to new figures from a global DDoS watchdog.

The average DDoS size in the first quarter of this year was 1.25Gbps, according to figures from Arbor Networks' ATLAS Threat Portal.

ATLAS, which compiles and normalises traffic data from over 330 service providers carrying a cumulative 120Tbps of Internet traffic, traces DDoS attacks from start to finish and measures them by peak and average bandwidth.

Australian DDoS attacks were getting worse on both metrics, with the 1.25Gbps average attack size approximately twice as large as the average attack across the Asia-Pacific region during Q1.

“Australia reflects the global trend,” Arbor Networks Australian country manager Nick Race recently told CSO Australia. “We're not just an island at the bottom of the world; we're affected equally as much as the rest of the world.”

The largest reflection attack observed in Australia used Simple Service Discovery Protocol (SSDP) to generate 26Gbps of DDoS traffic, while Network Time Protocol (NTP) was exploited to generate a reflection attack that surged to 51Gbps peak traffic.

That fell short of the 77Gbps Australian peak and 400Gbps global record observed during 2014, but the growing average size of the incidents confirmed that DDoS attacks are ever more-significant threats to Australian organisations. Despite their intensity, attacks against Australian targets lasted just 22 minutes, compared with 46 minutes across the region.

Arbor Networks has been watching the steady growth in DDoS attacks for years, with successive reviews of its collective data showing DDoS frequency and intensities continuing to trend upwards at an alarming pace.

DDoS attacks' potential damage to revenues and brand perception was driving customer interest in cloud-based DDoS detection and mitigation services as well as encouraging many to revisit their own on-premises protections.

“The more we go online as an industry, the more that downtime becomes a business cost,” Race said.

“Take your online revenue and divide it by 365, and that's the effective loss you face per day that a DDoS has taken your services down. Then there's the brand damage, and the more intangible costs for businesses because they are offline.”

Race believes a growing trend towards proactive mitigation of DDoS attacks will help Australian companies avoid being completely blindsided by such attacks. Telecommunications carriers, in particular, are moving to bolster their DDoS defences to prevent the attacks from getting anywhere near their customers.

“Telcos and service providers are working together to collaborate in the defence from attacks like these,” Race said. “The most important thing you can do is to get as close as possible to the source of the attack, and stop it as far upstream as possible. We are all just trying to stay one step ahead of the bad guys.”

This article is brought to you by Enex TestLab, content directors for CSO Australia.

Join the CSO newsletter!

Error: Please check your email address.

Tags arbor networksdataData storageATLAS Threat PortaIT SecurityAsia-PacificCSO AustraliaDDoS watchdogDDoS attacks

More about Arbor NetworksCSOEnex TestLab

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by David Braue

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place