A business attacked once in Q4 2013 had a 35% chance of being attacked at least one more time in the same quarter, up from just less than a 25% chance in Q3, Akamai says. The vendor’s customers experienced 346 total denial-of-service attacks in the fourth quarter, up 23% from Q3 2013 and up almost 75% year over year.
Not only are more web sites being attacked by criminals attempting to knock them offline, but the likelihood of a web business being attacked multiple times in the same quarter is on the rise, according to a new report from Akamai Technologies Inc.
The content delivery network and web security firm in its Q4 2013 State of the Internet report says web sites that had already suffered one distributed-denial-of-service, or DDoS, attack had a 35% chance of being targeted with another one in same quarter. That’s up from just less than 25% in the third quarter, the first in which Akamai began calculating the probabilities.
A DDoS attack occurs when malefactors attempt to knock a site offline by sending an overwhelming volume of traffic to it. It’s distributed because the attack traffic comes from many computers, often thousands, which criminals control through software they surreptitiously load onto consumers’ PCs. Victims of DDoS attacks in recent months include social planning site Meetup.com, blogging platform Typepad and project management software provider Basecamp. All have said they received ransom notes, purportedly from the criminals attacking their sites, to stop the attacks. In Meetup.com’s case the ransom was $300, which it refused to pay. Typepad and Basecamp also refused to pay, choosing instead to fight off the attacks.
“The increase in legitimate traffic to retailer websites is often accompanied by an even greater increase in malicious traffic to retailer websites,” says Dan Shugrue, Akamai’s director of product marketing for security solutions. “Perhaps in response, a growing number of retailers are augmenting their security postures with cloud-based offerings.”
For the fourth quarter of 2013, Akamai reported a total of 346 denial-of-service attacks on its customers’ web sites (with 82 targeting e-commerce businesses), up 23% from Q3 2013 and up almost 75% year over year. For the entire year, Akamai customers faced 1,153 DDoS attacks, up 50% from 768 in 2012, it says. 177 of those customers were attacked repeatedly in the course of the year, with 85 attacked twice, 69 attacked three to five times, 10 attacked six to 10 times, 12 attacked 11 to 20 times and one organization attacked “nearly every other day throughout the entire year.” Akamai did not reveal the name of that unfortunate client.
Among Akamai’s global e-commerce client base, the vendor reports 320 DDoS attacks in 2013, the second-highest after its enterprise businesses clients, with 492 attacks. Together, both industries accounted for just less than 70% of all DDoS attacks in both the fourth quarter and full year 2013, Akamai says.