Kaspersky said UDP flooding is the most common type of attack. But if you look at the duration of the attack, HTTP floods and mixed attacks with HTTP elements account for about 80% of all DDoS attacks. By the improvement of defense measures, the traditional DDoS attack has basically failed.
The Highline report is below
- China still tops the leaderboard by number of DDoS attacks, but its share fell quite significantly, from 77.67% to 50.43%. The US retained second position (24.90%), and Australia came third (4.5%). The Top 10 waved goodbye to Russia and Singapore, but welcomed Brazil (2.89%) and Saudi Arabia (1.57%).
- By geographical distribution of targets, the leaders remain China (43.26%), the US (29.14%), and Australia (5.91%). That said, China’s share fell significantly, while all other Top 10 countries increased theirs.
- Most of the botnet-based attacks last quarter occurred in October; holiday and pre-holiday periods were calmer. In terms of weekly dynamics, attack activity rose mid-week and decreased towards the end.
- Q4 witnessed the longest attack seen in recent years, lasting almost 16 days (329 hours). In general, the share of short attacks decreased slightly, but the fluctuations were minor.
- The share of UDP floods increased significantly to almost a third (31.1%) of all attacks. However, SYN flooding is still leading (58.2%).
- In connection with the rising number of Mirai C&C servers, the shares of the US (43.48%), Britain (7.88%), and the Netherlands (6.79%) increased.