April 23, 2014, 3:41 PM

Repeated denial-of-service web site attacks are on the rise

A business attacked once in Q4 2013 had a 35% chance of being attacked at least one more time in the same quarter, up from just less than a 25% chance in Q3, Akamai says. The vendor’s customers experienced 346 total denial-of-service attacks in the fourth quarter, up 23% from Q3 2013 and up almost 75% year over year.

Lead Photo

Not only are more web sites being attacked by criminals attempting to knock them offline, but the likelihood of a web business being attacked multiple times in the same quarter is on the rise, according to a new report from Akamai Technologies Inc.

The content delivery network and web security firm in its Q4 2013 State of the Internet report says web sites that had already suffered one distributed-denial-of-service, or DDoS, attack had a 35% chance of being targeted with another one in same quarter. That’s up from just less than 25% in the third quarter, the first in which Akamai began calculating the probabilities.

A DDoS attack occurs when malefactors attempt to knock a site offline by sending an overwhelming volume of traffic to it. It’s distributed because the attack traffic comes from many computers, often thousands, which criminals control through software they surreptitiously load onto consumers’ PCs. Victims of DDoS attacks in recent months include social planning site Meetup.com, blogging platform Typepad and project management software provider Basecamp. All have said they received ransom notes, purportedly from the criminals attacking their sites, to stop the attacks. In Meetup.com’s case the ransom was $300, which it refused to pay. Typepad and Basecamp also refused to pay, choosing instead to fight off the attacks.

“The increase in legitimate traffic to retailer websites is often accompanied by an even greater increase in malicious traffic to retailer websites,” says Dan Shugrue, Akamai’s director of product marketing for security solutions. “Perhaps in response, a growing number of retailers are augmenting their security postures with cloud-based offerings.”

For the fourth quarter of 2013, Akamai reported a total of 346 denial-of-service attacks on its customers’ web sites (with 82 targeting e-commerce businesses), up 23% from Q3 2013 and up almost 75% year over year. For the entire year, Akamai customers faced 1,153 DDoS attacks, up 50% from 768 in 2012, it says. 177 of those customers were attacked repeatedly in the course of the year, with 85 attacked twice, 69 attacked three to five times, 10 attacked six to 10 times, 12 attacked 11 to 20 times and one organization attacked “nearly every other day throughout the entire year.” Akamai did not reveal the name of that unfortunate client.

Among Akamai’s global e-commerce client base, the vendor reports 320 DDoS attacks in 2013, the second-highest after its enterprise businesses clients, with 492 attacks. Together, both industries accounted for just less than 70% of all DDoS attacks in both the fourth quarter and full year 2013, Akamai says.

295 retailers in the 2014 Internet Retailer Top 500 Guide and 23 in the 2013 Second 500 Guide (the 2014 edition is forthcoming) list Akamai as their content delivery network.

comments powered by Disqus




From The IR Blog


Bart Mroz / E-Commerce

How smaller retailers can utilize data as effectively as Amazon

Smaller companies have more constraints, but once they set priorities can still benefit greatly from ...


Philip Masiello / E-Commerce

3 reasons retailers fall short in email and social marketing

Reason one: They’re constantly trying to sell their customer, rather than to help and engage ...

Research Guides