2

Summary

3

SummaryFastest Attack Observed in Q4 • Verisign defended a multi-vector attack that peaked at 125 Mpps and

drove a volumetric attack of 65 Gbps • The most packets-per-second flood ever observed by Verisign• Targeted a Telecommunications customer• TCP/UDP floods with small 40 byte packets targeting port 80 as well

as NTP reflection attack traffic• Consisted of multiple short bursts in DDoS traffic and continued

intermittently for several weeks

Primary Attack Vector Used in Q4 • UDP floods

• Notable increases in DNS reflection attacks

4

Mitigations by Attack Size• 62% of attacks peaked over 1 Gbps• 1/3 peaked over 5 Gbps

Mitigation Peaks by Quarter

5

Mitigations by Industry

Customers in the IT Services/Cloud/SaaS industry were the most targeted by DDoS attacks for the 5th quarter in a row.

6

Average Peak Attack Size by IndustryQuarterly

7

DNS-Based DDoS Attacks Target the Internet’s Root Servers

On Nov. 30 and Dec. 1, 2015, many of the Internet’s DNS root name servers, including the A- and J-root servers, received large amounts of anomalous traffic.

Read “Verisign’s Perspective on Recent Root Server Attacks,” for an in-depth analysis of how Verisign analysts classified and mitigated this large-scale attack.

Source: http://a.root-servers.org/metrics/index.html

8

Click to download a free copy of the Q4 2015 DDoS Trends Report

Read the Full Report

© 2016 VeriSign, Inc. All rights reserved. VERISIGN and other trademarks, service marks, and designs are registered or unregistered trademarks of VeriSign, Inc. and its subsidiaries in the United States and in foreign countries. All other trademarks are property of their respective owners.