CONTENT delivery network (CDN) services provider Akamai Technologies Inc. announced on February 15 distributed denial of service (DDoS) attacks greater than 100 gigabytes per second (Gbps) increased 140 percent year-over-year from the fourth quarter of 2016.
According to Akamai, the largest DDoS attack in the fourth quarter of last year, which peaked at 517 Gbps, came from Spike, a non-Internet of Things (IoT) botnet that has been around for more than two years.
“If anything, our analysis of fourth quarter 2016 proves the old axiom ‘expect the unexpected’ to be true for the world of Web security,” Akamai Senior Security Advocate Martin McKeay was quoted in a statement as saying.
McKeay surmised the attackers, in control of Spike, felt challenged by Mirai and wanted to be more competitive.
“If that’s the case, the industry should be prepared to see other botnet operators testing the limits of their attack engines, generating ever larger attacks.”
Akamai’s report revealed that seven of the dozen fourth quarter 2016 mega attacks, those with traffic greater than 100 Gbps, can be directly attributed to Mirai.
“As we saw with the Mirai botnet attacks during the third quarter, unsecured IoT devices continued to drive significant DDoS attack traffic.”
McKeay, who is also the senior editor of Akamai’s “State of the Internet/Security Report”, added: “With the predicted exponential proliferation of these devices, threat agents will have an expanding pool of resources to carry out attacks, validating the need for companies to increase their security investments.”
He said that additional emerging system vulnerabilities “are expected before devices become more secure.”