Despite the earlier FBI crackdown, the DNS amplification types of DDoS attacks continued to be a favorite of DDoS-for-hire websites, soaring more than 40 times their volume compared to last quarter. The resurgence of DDoS-as-a-service and the growing botnets reinforce the evolving cyber threat of DDoS attacks for enterprises and communications service providers (CSPs).
- "Booter” services are still readily available to meet the incessant demand for DDoS attacks — particularly DNS Amplification attacks.
- Bit-and-Piece attack tactics evolved, becoming more automated and targeted, with attacks on targeted IP ranges showing a more precise and consistent pattern.
- More than 60% of application attacks originated from botnets formed by mobile gateways.
- The continued shift to the leverage of mobile devices in attacks, which has created a new breed of botnets that caused the maximum attack durations to spike to more than 40,000 minutes at a time, or more than 27 days.