A new global research from Symantec says the highest volume of ‘originating DDoS traffic’ come from India. About 26 percent of all DDoS traffic originates from India followed by the USA with 17 percent.
“The sources for DoS attacks are often countries that have a high number of bot infected machines and a low adoption rate of filtering of spoofed packets. While this does not mean that the people behind the attack are located in India, as the attacks are often orchestrated remotely; it is a reflection of India emerging as a hotbed to launch these attacks, potentially because of the low cyber security awareness, lack of adequate security practices and infrastructure” says Tarun Kaura, Director, Technology Sales at Symantec India.
The research titled, “The Continued Rise of DDoS Attacks,” was conducted by Symantec’s Security Response team of engineers and analysts who evaluated the global data between the period of January to August 2014.
Symantec’s research further highlighted the motivations behind the popularity of DDoS Attacks include financial blackmail with the threat of taking the business offline personal grudge; and as a diversion technique to distract IT security response teams while a targeted attack is conducted.
The report says there's been an increase of Linux server hijacking for DDoS botnets. This year, we saw an increase in the compromise of Linux servers, including those from cloud providers. These high bandwidth servers are then used as part of a botnet to perform DDoS attacks, says the report.
As the most attacked sector globally, the gaming industry experiences nearly 46 percent of attacks, followed by the software and media sectors. While it’s not happening on a broad scale now, it’s likely we’ll see an increase in DDoS attacks originating from mobile and IoT devices in the future,” points out the Symantec report.
DDoS attacks, whilst not a new attack vector, have proven to be effective and sometimes devastating for organizations. The attacks attempt to make an online service unavailable by overwhelming it with traffic from multiple sources. A Domain Name Server (DNS) amplification attack is a popular form of DDoS, which floods a publically available target system with DNS response traffic. Symantec’s research indicates that DNS amplification attacks have increased by 183 percent from January to August 2014.