China is home of DDoS but also its victims, says Prolexic DDoS criminals are trying to batter down DDoS defences with larger attacks and new techniques, mitigation outfit Prolexic has said, only weeks after the company detected a huge assault on a Chinese company.The attack on the unnamed organisation and its DNS provider happened between 5 and 12 November and reached 45Gbit/s at peak, equivalent to 69 million packets or 15,000 connections per second, way above the level that can be easily stemmed using standalone appliances, the company claimed.The assault was sustained over nearly eight days in four different waves, focussing on the vulnerable application layers, a clear attempt to knock the business offline.“This attack was three times larger in packets per second volume than the biggest attack Prolexic has mitigated previously, which also occurred in 2011” said Prolexic CTO, Paul Sop. What is new is that the attackers had tried to hit the DDoS defences, which suggests sophistication; attackers assumed that the organisation would have some defences in place that needed to be overcome. The company’s latest analysis of DDoS attack trends for Q3 2011 found that while year-on-year the total number of attacks had decreased, the size of the attacks was growing, with attackers sometimes wielding the huge power of the recent November attack. China – or attackers using it – appears to be the major source of attacks with 55 percent emanating from the country with the majority of botnets located in the country too. Prolexic expects large DDoS attacks to emanate from China for some time to come.The most popular DDoS types were those using PPS SYN and ICMP floods while a year ago it was GET floods. Some industries are more at risk than others, which might hint at an industrial motive behind some of what is going on – top targets including gaming, gambling, hospitality and shipping with attacks now lasting 1.2 days on average.A year ago, Prolexic publicised a Philadelphia-based perfume company it had helped defend from a DDoS in the run up to Christmas 2009. Related content feature Top cybersecurity M&A deals for 2023 Fears of recession, rising interest rates, mass tech layoffs, and conservative spending trends are likely to make dealmakers cautious, but an ever-increasing need to defend against bigger and faster attacks will likely keep M&A activity steady in By CSO Staff Sep 22, 2023 24 mins Mergers and Acquisitions Mergers and Acquisitions Mergers and Acquisitions brandpost Unmasking ransomware threat clusters: Why it matters to defenders Similar patterns of behavior among ransomware treat groups can help security teams better understand and prepare for attacks By Joan Goodchild Sep 21, 2023 3 mins Cybercrime news analysis China’s offensive cyber operations support “soft power” agenda in Africa Researchers track Chinese cyber espionage intrusions targeting African industrial sectors. By Michael Hill Sep 21, 2023 5 mins Advanced Persistent Threats Cyberattacks Critical Infrastructure brandpost Proactive OT security requires visibility + prevention You cannot protect your operation by simply watching and waiting. It is essential to have a defense-in-depth approach. By Austen Byers Sep 21, 2023 4 mins Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe