While working on the annual report this year we have decided to avoid retelling the news headlines of the previous year and, though it is almost impossible to ignore memories absolutely, we want to share with you the result of a clear thought and a strategic view to the point where we all are going to arrive in the nearest time - the present.
Leaving introduction words behind, here are our key findings:
- Average DDoS attack duration dropped to 2.5 hours;
- During 2018, the capability appeared for attacks at hundreds of gigabits-per-second within a country or region, bringing us to the verge of “quantum theory of bandwidth relativity”;
- The frequency of DDoS attacks continues to grow;
- The continuing growth of HTTPS-enabled (SSL) attacks;
- PC is dead: most of the legitimate traffic today comes from smartphones, which is a challenge for DDoS actors today and would be the next challenge for DDoS mitigation companies;
- BGP finally became an attack vector, 2 years later than we expected;
- DNS manipulation has become the most damaging attack vector;
- Other new amplification vectors are possible, like memcached & CoAP;
- There are no more “safe industries” that are invulnerable to cyberattacks of any kind.
In this article we have tried to cherrypick all the most interesting parts of our report, though if you would like read the full version in English, the PDF is available.