Longest DDoS attack since 2015 lasts 329 hours

While the number of DDoS attacks have declined, they have become much more sophisticated, according to a Kaspersky Lab report.

The last quarter of 2018 saw the longest DDoS attack since 2015, lasting 329 hours—almost 2 weeks—according to a Kaspersky Lab report released on Thursday. But the top three countries with the most DDoS attacks are still the same: China in first place (43%), the US in second (29%), and Australia in third (6%).

While the number of DDoS attacks decreased in 2018, the average attack duration increased, the report found. The average length of attacks more than doubled from the beginning of 2018 to the end—from 95 minutes to 218 minutes. These attacks increased in length because they have become more complex and difficult to stop or mitigate, the report added.

The most common complex attack executed included an HTTP component, which requires both time and money to launch, the report said. Both the HTTP flood method and mixed attacks involving an HTTP factor made up approximately 80% of all DDoS attacks for 2018, revealing the success of this strategy.

Since attacks are predicted to become even more specialized in 2019, the report recommended the following three steps to help protect organizations from DDoS attacks:

• Train and increase IT employees’ awareness of how to respond to DDoS attacks.
• Prepare the organization’s websites and web applications to handle high traffic volume.
• Use professional solutions to protect systems against all varieties of DDoS attacks.

The big takeaways for tech leaders:

• While DDoS attacks decreased in 2018, the complexity of the attacks increased. — Kaspersky Lab, 2019
• DDoS attacks will only become more complex and specialized in 2019, meaning the enterprise needs to properly prepare. — Kaspersky Lab, 2019