Somebody is going after the Web infrastructure of financial services firms in a big way. Distributed denial of service (DDoS) attacks aimed at such companies serviced by Prolexic increased threefold in the first quarter of 2012, the security firm said Wednesday.
Prolexic, which specializes in DDoS protection services, said it "mitigated more attack traffic" in the first three months of this year than it had in all of 2011. In addition to the massive spike in attacks aimed at financial services clients from the final quarter of last year, Prolexic said it had seen a 3,000 percent sequential increase in malicious packet traffic.
The security firm, which released its Quarterly Global DDoS Attack Report this week, said the first quarter had seen a 25 percent increase in the total number of DDoS attacks from the same period a year ago and a 25 percent year-over-year increase in application layer attacks.
"This quarter was characterized by extremely high volumes of malicious traffic directed at our financial services clients," Neal Quinn, Prolexic's vice president of operations, said in a statement. "We expect other verticals beyond financial services, gaming, and gambling to be on the receiving end of these massive attack volumes as the year progresses."
The raw numbers: In the first quarter of 2011, Prolexic identified and mitigated 168 trillion bits of data and 14 billion packets of malicious traffic targeting its financial services clients, but saw those numbers explode in the first three months of 2012 to 5.7 quadrillion bits of data and 1.1 trillion malicious packets.
The security firm said attacks on financial clients were generally shorter in the more recent quarter, going from an average of 65 hours in the 2011 period to 28.5 hours in the first quarter of 2012. Prolexic also identified a switch in tactics by attackers from UDP floods to GET and SYN floods.
The main source country for DDoS attacks remained China, according to the security firm, but the U.S. and Russia have "moved up in the rankings."
Prolexic predicted that DDoS attacks would continue to rise and that the trends it was seeing would continue to play out. That means that we should expect shorter attack durations with higher traffic volumes, the company said, and that DDoS attacks targeting Layer 7 will continue to rise (although Prolexic stressed that "[i]nfrastructure layer attacks targeting Layer 3 and Layer 4 continue to be the choice of attackers").
The security firm also advised relevant parties to be on the lookout for SYN Floods, which have emerged at "the go-to attack type" for DDoS perpetrators.
For more from Damon, follow him on Twitter @dpoeter.
