Nexusguard Analysts: Attack Researchers Are Top DDoS Target

Geopolitical events continue to fuel uptick in region-specific cyberattacks

An attack research group was the No.1 target of distributed-denial-of-service (DDoS) attacks, and the Middle East region also saw a sharp increase in attacks last quarter, according to Nexusguard’s “Q1 2016 Threat Report.” Nexusguard, the worldwide leader in DDoS security solutions, analyzes a network of vulnerable devices for new cyber threats across boundaries and scans data for trends in attack vectors, duration, sources and other characteristics in order to inform organizations across industries of the latest methods. The company’s quarterly reports arm security professionals with information to help them properly protect their networks. 

Nexusguard’s “Q1 2016 Threat Report” found the attack type of choice against researchers was network time protocol (NTP), with some victims receiving attacks almost daily. The increase in attacks against researchers contributed to the spike in popularity of NTP-style attacks, taking back the No.1 spot from domain name system (DNS) vulnerabilities. Nexusguard’s security analysts also found most attacks lasted under 10 minutes, and had a mean time of five minutes. The decrease in duration could be related to the continued rise in popularity of DDoS-for-hire services, which have led to shorter attack times. As a result, Nexusguard analysts recommend organizations implement monitoring systems that can detect events on a second- or sub-second interval.

“Researchers and their related groups are becoming high-valued targets for digital criminals. We have seen this in the past, but never as a primary target for a whole quarter, making the findings in this quarterly report all the more important,” said Terrence Gareau, chief scientist at Nexusguard. “We also found that the rise in DDoS-for-hire services is drastically changing the threat landscape, and organizations need to ensure their networks can handle new attack breeds.”

In studying the top 10 list of targets by country, the United States and China returned to the first and second positions, suffering more than 49,000 combined attacks. Turkey fell out of the rankings, reinforcing Nexusguard’s previous speculation that the peak of these attacks in Q4 2015 was related to tensions between Russia and Turkey that occurred at the time. Additionally, Middle Eastern countries saw an 83 percent increase in the number of attacks in Q1, and researchers predict there will be more attacks against countries in the region as tensions continue to rise.

Read the full "Q1 2016 Threat Report" for more details.

About Nexusguard
Founded in 2008, Nexusguard is the global leader in fighting malicious Internet attacks. Nexusguard protects clients against a multitude of threats, including distributed denial of service (DDoS) attacks, to ensure uninterrupted internet service. Nexusguard provides comprehensive, highly customized solutions for customers of all sizes, across a range of industries, and also enables turnkey anti-DDoS solutions for service providers. Nexusguard delivers on its promise to maximize peace of mind by minimizing threats and improving uptime. Headquartered in San Francisco, Nexusguard’s network of security experts extends globally. For more information, visit www.nexusguard.com.