Data reveals October & December are prime time for DDoS attacks

Neustar have released preliminary data that shows April, February, October and December as the most popular months for DDoS attacks.

The report, compiled from 2015 data from Neustar’s Security Operations Center, also details the rising threat of multi-vector attacks, a weapon commonly used to plant malware and extract company information.

“It’s no surprise that hackers are launching their attacks around high-transaction months,” said Peter Burke, Senior Vice President of Engineering and Operations at Neustar.

The Timing of the Attacks

The winter holiday season accounted for 32% of all attacks in 2015. Attackers took note of the opportunities presented during Cyber Monday and the holiday shopping season, and timed their assaults for maximum impact.

  • October saw the highest number of attacks with 12.63%
  • December accounted for 11.39% of attacks
  • February received 10.48% of hits

– April had 9.04% of attacks

“In February and April, you’re looking at times when most people file their taxes, so it makes sense that attacks would be heightened during that time period. In the fourth quarter, you have Cyber Monday and a high volume of companies that are dependent upon ecommerce, so it’s like low-hanging fruit for attackers,” Burke concluded.

Multi-Vector Mayhem

One of the most alarming trends noted in the findings is the rise of multi-vector attacks. Rather than just use one style of method to breach a company’s infrastructure, attackers are increasingly turning to multi-vector attacks to exhaust defenses.

“Multi-vector attacks show a higher level of sophistication on behalf of the hacker,” said Burke. “Anybody can go to a stressor website and buy a cheap DDoS service, but with multi-vector attacks, the hacker is exhibiting a familiarity with attack methods and determination to potentially cause real damage,” Burke said.

Statistics from Neustar’s Security Operations Center uncovered:

  • 47% of all multi-vector attacks occurred in the fourth quarter
  •  42.6% of multi-vector attacks were less than 1 Gbps
  •  57% of all multi-vector attacks involved reflection attacks

“Rather than just hit with a massive DDoS strike, multi-vector attacks are more alarming because they require dexterity,familiarity with attack methods, and they can also be used as a smokescreen to insert malware and sneak out sensitive company information,” Burke added.

In late March, Neustar will release its full Security Operations Center report, which will detail attack sizes, strategies and stories from the SOC. The report is comprised of attacks that Neustar has defended on behalf of its clients in 2015. No client names or identifying information will be provided in the report.

Evan Uhl, SOC Manager at Neustar recently presented a webinar offering advice on DDoS defence tactics – watch below.