A U.S.-based security firm is reporting that the average amount of bandwidth consumed in DDoS attacks by botnets has increased by a factor of eight in the first quarter of 2013.
You read that correctly. Eight times the bandwidth is being consumed compared to last year.
The average amount of bandwidth used in DDoS attacks mushroomed to an astounding 48.25 gigabits per second in the first quarter, with peaks as high as 130 Gbps, according to Hollywood, Florida-based Prolexic. During the same period last year, bandwidth in the average attack was 6.1 Gbps and in the fourth quarter of last year it was 5.9 Gbps. The average duration of attacks also grew to 34.5 hours, compared with 28.5 hours last year and 32.2 hours during the fourth quarter of 2012. Earlier this month, Prolexic engineers saw an attack that exceeded 160 Gbps, and officials said they wouldn't be surprised if peaks break the 200 Gbps threshold by the end of June. [Ars Technica]
According to Ars, the biggest factor contributing to these attacks is the harnessing of servers rather than home computers for botnets. While a personal PC might only be able to deliver a rather limited number of packets, a zombie-server is much more powerful and able to deliver staggering amounts of data.
In particular, we’ve seen servers running web-based software like WordPress are particularly vulnerable.
According to security firm CloudFlare’s CEO, Matt Prince:
"It is clear that if the story of the 2000s was how easy it was to compromise desktop PCs and turn them into spam-sending engines or botnets to do other nefarious things, the story of the 2010s is going to be how easy it is to compromise server software, which has gotten very consumerized and doesn't necessarily have the best security in place. If a server is 10 times as powerful as a desktop computer then you only need one-tenth to do the same level of damage."