Cloud, SaaS Companies Continue to be Battered by DDoS Attacks in Q3 2015: VeriSign Report

DDoS attacks increased dramatically in Q3 2015, reaching their highest volume in two years, according to the latest quarterly security report from VeriSign. The number of attacks mitigated by Verisign grew by 53 percent, and the average DDoS attack size grew 27 percent to 7.03 Gbps, the Q3 2015 DDoS Trends Report said.

The report explores the security of operating systems once thought to be more secure against malware vulnerabilities, like Linux, Mac OS X and iOS, in the wake of discoveries like Apple app vulnerability XcodeGhost, Linux botnet Ballpit, and mobile iOS malware YiSpecter.

Almost 3 out of 5 attacks peaked at over 1 Gpbs, with one-third reaching 5 Gbps and 1 in 5 reaching 10 Gpbs. NTP, DNS, and SSDP UDP floods were the most common attacks, collectively accounting for almost two-thirds of all attacks in the quarter.

For the fourth consecutive quarter the most commonly attacked industry was IT services/cloud/SaaS, in which 29 percent of companies were attacked, slightly more than the 26 percent of media and entertainment companies. Both sectors have also experienced attacks this year peaking at more than 80 Gbps.

Interestingly, only 5 percent of ecommerce and online advertising were attacked in the quarter, considerably less than financial, public sector, and telecom companies, which ranged from 12-15 percent.

Malware protection company Malwarebytes acquired Mac protection provider AdwareMedic in July in recognition of the spread of vulnerability across OSs.