Cyber criminals are launching larger Distributed Denial of Servcie (DDoS) attacks but the duration of the strikes are getting shorter, according to security experts.
For instance, the average DDoS attacks remained solidly over 2Gbps during the first six months of 2013, network security and software company Arbor Networks Inc. reported. Attacks from January to June this year exceeded 20Gbps, more than double the strength of attacks in 2012.
The largest attack was the March hit on anti-spam organization Spamhaus Project which reached 300 Gbps at its height.
Attackers are targeting multiple sites during the course of day but they don’t continue with the attack if they do not see immediate results, said Michael Smith, CSIRT director for Akamai Technologies.
He said attackers move from one target to the next after 10 or 20 minutes.
The attacks are becoming bigger because they have more access to resources, according to Marc Gaffan, founder of DDoS protection firm Incapsula Inc.
He said attackers are not dallying with a downed Web site because they want to “conserve ammunition and fly under the radar.”
There’s no point on continuing to attack a down site because it will take time for operators to bring it up and running anyway, he said.