Arbor Networks’ ATLAS Data Shows Reflection DDoS Attacks Continue to be Significant in Q3 2014

PRESS RELEASE

BURLINGTON, MA., October  7, 2014 – Arbor Networks Inc. today released global DDoS attack data for Q3 2014 showing a remarkable increase in Simple Service Discovery Protocol (SSDP) reflection attacks. Arbor monitored very few attacks using SSDP as a reflection mechanism in Q2, but nearly 30,000 attacks with this source port in Q3 alone, with one such attack reaching 124Gbps. The data confirms what Arbor has calledThe Hockey Stick Era, with a continuing trend towards large volumetric attacks, a consistent theme throughout 2014.

Arbor’s data is gathered through ATLAS®, a collaborative partnership with nearly 300 service provider customers who share anonymous traffic data with Arbor in order to deliver a comprehensive, aggregated view of global traffic and threats. ATLAS collects statistics that represent 90Tbps of Internet traffic and provides the data for the Digital Attack Map, a visualization of global attack traffic created in collaboration with Google Ideas.

“Everyone is aware of the huge storm of NTP reflection DDoS attacks in Q1 and early Q2, but although NTP reflection is still significant there isn’t as much going on now as there was – unfortunately, it is looking more and more like SSDP will be the next protocol to be exploited in this way.  Organizations should take heed and ensure that their DDoS defense is multi-layered, and designed to deal with both attacks that can saturate their connectivity, and more stealthy, sophisticated application layer attacks,” said Arbor Networks Director of Solutions Architects Darren Anstee.

DDoS in Q3 2014 -- ATLAS key findings:

For more analysis into data from Q3 2014, please visit Slideshare to view more detailed findings.

About Arbor Networks

Arbor Networks, Inc. helps secure the world’s largest enterprise and service provider networks from DDoS attacks and advanced threats. Arbor is the world’s leading provider of DDoS protection in the enterprise, carrier and mobile market segments, according to Infonetics Research. Arbor’s advanced threat solutions deliver complete network visibility through a combination of packet capture and NetFlow technology, enabling the rapid detection and mitigation of malware and malicious insiders. Arbor also delivers market leading analytics for dynamic incident response, historical analysis, visualization and forensics. Arbor strives to be a “force multiplier,” making network and security teams the experts. Our goal is to provide a richer picture into networks and more security context - so customers can solve problems faster and reduce the risk to their business.

To learn more about Arbor products and services, please visit our website at arbornetworks.com. Arbor’s research, analysis and insight, together with data from the ATLAS global threat intelligence system, can be found at the ATLAS Threat Portal.

Trademark Notice: Arbor Networks, the Arbor Networks logo, Peakflow, ArbOS, Pravail, Cloud Signaling, Arbor Cloud, ATLAS, We see things others can’t.TM and Arbor Networks. Smart. Available. Secure. are all trademarks of Arbor Networks, Inc. All other brands may be the trademarks of their respective owners