The short duration DDoS attacks represented 96 percent of attacks against Corero’s customers in the fourth quarter of 2014. While the DDoS attacks were short in duration, Corero reported that its customers saw an average of 3.9 attacks per day. From an attack bandwidth perspective, 79 percent of the DDoS attacks Corero saw in the fourth quarter came in at 5 Gbps or less.
“There is an existing preconception that DDoS is exclusively used to deny service to web properties or online services,” Dave Larson, CTO and VP of Product at Corero Network Security, told eWEEK. “Our data suggests expanding the understanding of the acronym to include degrading and evading the network security layer.”
As to why Corero’s customers saw many short duration attacks, Larson commented that it is the reason for the attack that defines the timescale. In his view, the short duration attacks, are either masking some other kind of intrusion activity, which can occur within an even shorter timeframe – possibly a couple of seconds, or they are probe events to gauge the responsiveness of an intended target.