According to the Q2 2017 statistic data, gathered by DDoS-GUARD, the most dangerous DDoS attacks happen on Tuesdays, Thursdays, and Sundays.
But the maximum number of attacks occurs not only on these days, but also on Mondays. Saturday turned out to be the most unpredictable day of the week, on which hackers can be very active, and vice versa—they can go into hiding.
In the second quarter of 2017, from 18 to 330 DDoS attacks happened to occur per day. During a day, the maximum number of attacks occurred at 3:00 PM and 8:00 PM, the minimum number of attacks—at 4 in the morning. The peak hours fell on between 8:00 and 9:00 PM on Thursdays and Saturdays, but in the early morning hackers usually take no action: a few attacks take place on Tuesdays at 5:00-6:00 AM, Wednesdays at 4:00-5:00 AM, and Thursdays at 3:00 and 5:00 AM.
The ratio between the number of attacks and the protocols, which the attacks were carried through, remained similar to previous quarter, but it is worth noting that the number of “Others” attacks rose by 5.7 times.
The number of UDP attacks increased by 31,3%, the number of TCP attacks increased by 10.9%, but the amount of attacks carried through other protocols decreased by 7.4 times. This suggests that the interest of hackers concentrated on the use of vulnerabilities of the UDP and TCP protocols.
The shortest attack lasted a little more than a minute, the longest attack was ongoing more than 3 hours, it targeted a Ukrainian hosting provider. It is worth mentioning that web hosting companies are often targeted with DDoS attacks, since by blocking the hosting, one can make unavailable all the websites located on it. Therefore, it is not surprisingly that these type of companies are on the target list of hackers, from year to year being in the TOP 3.
An increase in the number of attacks on gaming projects, hosting providers, and “others” (media libraries, private sites, University websites etc.) was observed. Meanwhile, the number of attacks on media sites has dropped.
Speaking of the victims geography, the leaders of this sad rating remained the same: China, USA, and Russia (among customers of DDoS-GUARD). There is a slight increase (1%) in attacks on the network infrastructures of Russia in comparison with the 1st quarter of 2017.
The reduction in the number of attacks is attributable to the decrease in the number of DoT (‘DDoS of Things’—the DDoS attacks generated by IoT botnets) that have made a significant contribution at the end of 2016—early 2017. However, they are being replaced by Windows bots, and after a traditionally silent summer season, you can expect a jump in the number and power of DDoS attacks.