DDoS Attacks break a new Record in Germany: 104 Attacks per Day

  • Fabian Sinner
  • February 8, 2016

Table of content

    DDoS Attacks break a new Record in Germany: 104 Attacks per Day

    The new DDoS report for Central Europe shows an increase of DDoS attacks by 36%. Over 9,000 attacks were targeted at servers and infrastructures in Germany, Austria and Switzerland. This means that the Link11 Security Operation Center (LSOC) identified and blocked averagely 104 attacks a day. Most attacks were executed on a Saturday or Sunday.

    The DDoS-Report can be downloaded at https://www.link11.com/en/ddos…

    Frankfurt, August 24th 2016: The Link11 DDoS report for Germany, Austria and Switzerland proves that DDoS attacks are increasing. During the 2nd quarter of 2016 the LSOC registered a total of 9,422 attacks. This is an increase of 36% compared to the 1st quarter. The attack duration summed up to 1,744 hours and increased by a whopping 123.9% compared to the previous research time frame.

    DDoS Threat on Weekends

    The largest DDoS threat for the DACH region occurs on Friday to Sunday. In the 2nd quarter of 2016 the perpetrators initiated 16.6% of their attacks on a Sunday or Saturday (16.2%). As the week begins, these attacks decrease and rise on Fridays again. These attacks are spread unevenly during the course of the day. Most attacks occur between 4:00 pm and midnight.

    • The most important facts from the DDoS report for the 2nd quarter of 2016
    • The largest DDoS attack reached a peak bandwidth of 141.9 Gbps. The Attack targeted a German gaming platform.
    • Seven further Hyper Attacks breached the 100 Gbps mark as well.
    • The data transfer rate peaked at 46.2 million packets per second. The attackers used UDP Floods.
    • The most frequent used attack vectors were UDP Floods, TCP SYN Floods and UDP Fragments.
    • One attack with 10 vectors was targeted at an e-commerce service in Germany.
    • While the share of DNS, NTP and SSDP Reflection Attacks has gone down, the attacks using Gaming Server Reflection have been on the rise during the 2nd quarter.
    • The share of encryption-based HTTP attacks has increased from 0% to 4% in the DACH region. HTTPS Floods are hard to defend because the packets with TSL and SSL encryption have to be decrypted for secure filtering.
    • For the first time, the use of the TFTP protocol to execute reflection attacks could be verified in the three attacks targeting businesses in Austria.

    New DDoS Extorters in Germany

    Of all the numerous extortion waves during the 2nd quarter there was one group that caught attention. The international active DDoS extorters Kadyrovsty were responsible for various attacks in Europe. The LSOC took note of two other special bold extortions attempts through the alleged Lizard Squad and the self-proclaimed Robin Hoods Caremini and has summed up the most important facts.

    Link11 expects a further rise of DDoS activities in the DACH region. “Both the pure amount of attacks as well as extortion attempts with announced and executed attacks will increase.” As Onur Cengiz, Head of LSOC, describes. “Managers have the wrong impression on how the situation threatens their own IT. In reality, most of the on-site equipment is not able to keep up with the same pace as perpetrators are evolving their attacks.”

    About Link11 DDoS Reports and Link11

    In their quarterly-released DDoS report, Link11 provides an extensive insight on the threat level in Germany, Austria and Switzerland. The researchers concentrate on the analysis of various attack characteristics and compare these to the previous research time frame. Additional case studies and stories deliver more background information.

    The DDoS protection experts of the LSOC can offer exclusive information as there is hardly any representative data in the DACH region. The report is supposed to provide IT deciders and representatives with an overview that helps them to better analyze and protect their systems.

    The Link11 DDoS report for Central Europe is available at https://www.link11.com/en/ddos…

    About Link11

    Link11 GmbH is a German IT business specialized in DDoS protection and server hosting headquartered in Frankfurt am Main. In 2011, Link11 successfully established a new and innovative product on the market called the DDoS Protection Cloud. This Link11 DDoS Protection has already been filed for patent und enables it to protect every website and complete server infrastructures from DDoS attacks. In 2016, Link11 has been awarded with the German Data Center Award for innovative DDoS protection solutions.

    Clients from the Top DAX 30 as well as e-commerce, finance, insurance, media and production sector all trust Link11’s expertise. As one of today’s largest DDoS filter providers, Link11 is connected by fiber highways with network locations between Frankfurt, Amsterdam, London, New York, Miami and Zurich. The constant network expansion includes further locations in Asia and the Middle East.

    As an official partner of national and international associations including the G4C, a cooperation of the private economy and the BSI and German Federal Office of Criminal Investigation, Link11 is actively involved in IT security and the investigation of cybercrime.

    Infographic: 10 Facts about the Cloud
    DDoS Protection for WISAG from Link11
    X