The DDoS (distributed denial of service) attacks are continuing to evolve in the Middle East and show a continuation of extremely high volume attacks.
DDoS attack means an attacker sends too much traffic to a server beyond it can handle and the server goes offline.
Darren Anstee, Chief Security Technologist at Arbor Networks, told Gulf News that the attackers use large volume of traffic to cut their targets off from the internet. The number of attacks in the first half of the year rose to 61,937 compared to 29,326 in 2014.
He said the majority of very large attacks leverage a technique known as reflection amplification, accounting for 33.5 per cent.
Reflection amplification is a technique that allows an attacker to both magnify the amount of traffic they can generate, and complicate the original sources of that attack traffic.
“We will continue to see reflection amplification a big thing by attackers to achieve their goals,” he said.
The maximum attack size was less than 59Gbps in the first half compared to 84.36Gbps in 2014 but he said that the average duration of attack in the Middle East is double that of the global overage of one hour.
“85.8 per cent of events lasted less than one hour while 7.75 per cent of attacks lasted more than 12 hours — much higher than global level of 1.5 per cent,” he said.
The top three producers of DDoS attacks in the second quarter of this year were the US, the UK and China.
Saudi Arabia is the top target country in the first half of this year, responsible for 40 per cent of the attacks while 20 per cent of the attacks targeted Kuwait and Jordan by 10.4 per cent. Only 2.4 per cent of the attacks targeted the UAE.
In the first half, 181 attacks were over 10Gbps and 58 over 20Gbps. 27.5 per cent of the attacks were over 1Gbps compared to 20.8 per cent worldwide.
In 2014, over 500 attacks over 10Gbps targeted Middle East, 134 of them over 20Gbps.
“Middle East region shows much higher proportions of attacks in the 1-5Gbps range. Peak attack sizes look to have fallen back in the Middle East between January and May but they are slowly trending up over time.
“We recommend a multilayered defence of protection to fully protect from DDos attacks, one that integrates on-premise protection against application-layer attacks with cloud-based protection against higher magnitude volumetric attacks,” he said.