Report: 1 Tbps DDoS Attacks to Increase 500 Percent in 2017

Last year, two distributed denial of service (DDoS) attacks reached or exceeded 1 Tbps. But in 2017, that will change, as the number of 1 Tbps DDoS attacks increases 500 percent in 2017.

According to Deloitte Global’s “Technology, Media and Telecommunications Predictions 2017,” there will be 10 million DDoS attacks this year with an average size of 1.25 Gbps to 1.5 Gbps. More alarming, however, is Deloitte’s prediction that there will be one 1 Tbps-level DDoS attacks per month in 2017.

Overall, the report indicates, DDoS attacks will be larger in scale, more frequent and harder to mitigate than in previous years. For example, the largest attacks on record in 2013, 2014 and 2015 reached 300 Gbps, 400 Gbps and 500 Gbps, respectively; while the first Tbps-level attack was recorded in 2016.

“DDoS is not a new topic for 2017, but the potential scale of the problem is,” Deloitte wrote in its report. “Any organization that is increasing its dependence on the Internet should be aware of a potential spike in the impact from such attacks.”

What’s Driving this Growth?

According to Deloitte, three factors are fueling the growth in scale, severity and frequency of large DDoS attacks.

First, threat actors are using the growing install base of unsecured Internet of Things (IoT) devices such as connected cameras and digital video recorders to build botnets with which to launch large attacks. One of 2016’s 1 Tbps DDoS attacks was carried out by a network of hundreds of thousands of hijacked wireless cameras.

Second, it’s becoming much easier for threat actors to launch attacks. Through what’s being called “deskilling,” relatively unskilled attackers can now launch attacks on their own through the online availability of malware methodologies, such as Mirai, which was used to carry out some of the largest attacks last year.

Third, high-speed bandwidth is ubiquitous, empowering botnets to send much more junk data with greater speeds, thus intensifying attacks.

Protection for the Terabit-Attack Era

Now more than ever, your organization requires a high-performance solution with the capacity and density to detect and mitigate massive DDoS attacks. Deloitte recommends leveraging a powerful DDoS protection solution to prevent being taken down by one of these monstrous attacks.

A10 Networks Thunder TPS detects and mitigates attacks at the network edge and is the first line of defense for your network infrastructure against these large-scale DDoS attacks. It delivers agile, efficient and network-wide protection against the full spectrum of DDoS attacks, including challenging multi-vector attacks that use a combination of high-rate volumetric or network protocol attacks and more sophisticated application attacks.

The Thunder TPS 14045, for example, can mitigate attacks of up to 300 Gbps with just 3 RUs, and can be deployed in a cluster to handle up to 2.4 Tbps.

The Thunder TPS multi-tiered architecture offloads common attack vectors to specialized hardware, offloading the CPUs to focus on complex application layer attacks. Thunder TPS is proven to scale to protect against the largest DDoS attacks.

Learn about DDoS and the Terabit era of attacks this week at RSA Conference 2017. A10 will be there talking about DDoS throughout the show.

And for more information on how A10 Thunder TPS detects and mitigates DDoS attacks against your organization, contact one of our cyber security experts.

Add new comment