NEWS & EVENTS

Prolexic Mitigates World’s Largest Packet Per Second DDoS Attack in 2011

November 21, 2011

HOLLYWOOD, FL – (November 21, 2011) – Prolexic Technologies, the global leader in Distributed Denial of Service (DDoS) protection services, today announced that the company mitigated the largest DDoS attack event in 2011 in terms of packets-per-second (PPS) volume.  The attack target was a large Asian customer and its DNS service provider and it occurred between November 5 and November 12, 2011. Prolexic cautions organizations with an online presence that this magnitude of attack is confirmation of the trend toward DDoS attacks of escalating size and complexity as documented in Prolexic’s Q3 2011 attack mitigation report which can be accessed at http://www.prolexic.com/attackreports.

According to Paul Sop, chief technology officer at Prolexic, the volume of the multi-event, randomized attack reached an unprecedented peak level of 69 million packets per second, bandwidth of 45 Gbps of traffic per second, and 15,000 connections per second. These are attack rates that no standalone automated DDoS mitigation appliance or service from an ISP or major carrier would be able to successfully mitigate. Attackers used six different attack signatures during the event, including a combination of bandwidth-driven Layer 3 and targeted Layer 7 attacks aimed at the organization’s critical application layer. Prolexic mitigated a total of four separate DDoS attacks over the course of the event, which lasted 7 days and 20 hours.

“This attack was three times larger in packets per second volume than the biggest attack Prolexic has mitigated previously,­­­ which also occurred in 2011” said Sop. “Frankly, we are not surprised since we have seen an almost four-fold increase in packet volume since Q3 2010. This increase reflects an emerging strategy in which attackers directly target a company’s DDoS mitigation appliances, which are commonly vulnerable to such attacks, as they cannot handle such high PPS rates. Prolexic is staying one step ahead of this trend through additional investments in DDoS mitigation infrastructure in the regions where we’ve seen the greatest increase of botnet activity and thus the greatest influx of extremely large attacks.”

Using Prolexic’s proprietary mitigation tools and live monitoring strategy, Prolexic technicians quickly identified a randomized attack consisting of the largest volume of GET, SYN, ICMP, UDP and DNS floods launched in a single attack campaign this year.  They also identified that the attack was coming from botnets in multiple worldwide locations with China being the primary location of the highest recorded botnet traffic. In addition, unlike typical DDoS attacks that are coordinated from one geographic source, this attack was much more sophisticated because it was coordinated globally. Despite the unprecedented volume and complexity of the attack, time-to-mitigation in each DDoS attack was within minutes of the time traffic began flowing through the Prolexic scrubbing centers.

An early warning for the 2011 holiday online shopping season

Sop warns that this steady escalation in attack size and complexity will be especially threatening to e-Commerce businesses during the 2011 holiday season.  He also cautions that other industries such as hospitality, gaming, and shipping services, should also be on high alert for DDoS attacks in Q4 2011 as botnet activity continues to ramp up in the Asia Pacific region. Sop advises that having attack prevention measures in place from a DDoS mitigation specialist is the best defense against attacks of escalating size and complexity during the online holiday shopping season and beyond.

“Prolexic succeeded in mitigating what was the largest DDoS attack this year in part because we could provide 24/7 real-time monitoring and immediate response to changing attack signatures,” said Sop. “Prolexic specializes in mitigating high bandwidth attacks, so we had already invested in the technology and training to be ready for this exceptional attack. And we’re ready to mitigate even larger attacks in the future.”

About Prolexic

Prolexic is the world’s largest, most trusted Distributed Denial of Service (DDoS) mitigation provider. Able to absorb the largest and most complex attacks ever launched, Prolexic restores mission critical Internet facing infrastructures for global enterprises and government agencies within minutes. Ten of the world’s largest banks and the leading companies in e-Commerce, SaaS, payment processing, travel/hospitality, gaming and other at-risk industries rely on Prolexic to protect their businesses. Founded in 2003 as the world’s first “in the cloud” DDoS mitigation platform, Prolexic is headquartered in Hollywood, Florida and has scrubbing centers located in the Americas, Europe and Asia. For more information, visit www.prolexic.com.

###

Contact:
Michael E. Donner
SVP, Chief Marketing Officer
Prolexic
media@prolexic.com
+1 (954) 620 6017

Customer Spotlight
  • Fragrance and Beauty Products Retailer

    A DDoS attack takes down this popular site for 24 hours. Prolexic restores in 5 minutes.

    DOWNLOAD CASE STUDY >>
  • Leading Online Jewelry Retailer

    A DDoS attack took down the site of a premier jewelry retailer for nearly three days.

    DOWNLOAD CASE STUDY >>
  • Online Options Trading

    Financial services firm avoids extortion attempt. Prolexic keeps web site up during vicious Layer 7 attack.

    DOWNLOAD CASE STUDY >>
  • e-Commerce Startup

    When others couldn't mitigate the latest DDoS attack, a "daily deal" web site called Prolexic: problem solved in 2 hours.

    DOWNLOAD CASE STUDY >>
  • A Leading Content Rating Organization

    A 9 million packets per second DDoS attack brings down web site before Prolexic steps in.

    DOWNLOAD CASE STUDY >>
  • Spa and Wellness Firm

    Prolexic quickly stops a combination Layer 4 and 7 DDoS attack after a host's mitigation capabilities falls short.

    DOWNLOAD CASE STUDY >>
  • Foundation Management

    Prolexic mitigates GET flood in minutes for new client after Sunday night emergency call.

    DOWNLOAD CASE STUDY >>
  • Web site building and hosting services firm

    Prolexic mitigates Layer 4 UDP flood peaking at 6.2 Gbps. Protects 6 million Yolasites.

    DOWNLOAD CASE STUDY >>
  • Online Movie Subscription Service

    After seeing all traffic route to Prolexic, hackers pull the plug on DDoS attack.

    DOWNLOAD CASE STUDY >>
  • IPG Holdings Limited

    Prolexic mitigates Layer 7 GET floods targeting payment processing platform.

    DOWNLOAD CASE STUDY >>
  • VirtualRoad.org

    Prolexic mitigates politically motivated attacks against web hosting company's clients.

    DOWNLOAD CASE STUDY >>
  • Financial Services Firm Global eSolutions

    Prolexic mitigates Layer 3, 4 and 7 attacks against Forex trading platform.

    DOWNLOAD CASE STUDY >>
  • Krebs on Security

    Prolexic fends off Pandora DNS amplification attacks for popular cyber security blog.

    DOWNLOAD CASE STUDY >>
  • e-Commerce Provider of Printed Promotion Items

    Prolexic mitigates two-week Layer 7 DDoS attack campaign.

    DOWNLOAD CASE STUDY >>
  • Global Blogging Site

    Prolexic protects freedom of speech for 30 million users targeted by six-month political DDoS campaign.

    DOWNLOAD CASE STUDY >>
  • Online Credit Card Site

    Prolexic mitigates Layer 4 DDoS attacks against Ixaris site, EntroPay.com.

    DOWNLOAD CASE STUDY >>
  • e-Commerce Web Site

    Prolexic mitigates 25-40 Gbps Layer 3 DDoS attacks against online auto parts retailer.

    DOWNLOAD CASE STUDY >>
  • Timepieces e-Commerce Site

    Prolexic keeps World of Watches ticking after DDoS attack flood site.

    DOWNLOAD CASE STUDY >>
  • PayPro Global

    Prolexic mitigates 16-hour Layer 7 DDoS attack on software distribution site.

    DOWNLOAD CASE STUDY >>
  • Henyep Capital Markets

    Prolexic keeps Henyep accessible and trading through multiple SYN, GET and ICMP flood attacks.

    DOWNLOAD CASE STUDY >>
  • Australia’s #1 Job Search Website

    Prolexic keeps Seek.com.au online and incident-free for millions of job seekers.

    DOWNLOAD CASE STUDY >>
  • e-Commerce Hosting Provider for Top Tier Sites

    Prolexic keeps Americaneagle.com and its customers generating revenue

    DOWNLOAD CASE STUDY >>
  • Popular Online Betting Site Doesn’t Gamble with DDoS

    Prolexic ensures Betstar’s online services are reliable and incident free

    DOWNLOAD CASE STUDY >>
  • Customer ROI requires online accessibility and reliability

    Prolexic ensures Clickpoint! Media's online services are available and incident-free

    DOWNLOAD CASE STUDY >>
  • University Federal Credit Union

    Prolexic's mitigation services now protect credit union with US$1.6 Billion in assets

    DOWNLOAD CASE STUDY >>
  • 1ink.com

    Prolexic mitigates 70 Gbps SYN flood DDoS attack for popular ink retailer

    DOWNLOAD CASE STUDY >>
  • Arab National Bank

    Builds strong DDoS defense to serve online banking customers and e-trade site

    DOWNLOAD CASE STUDY >>
  • OnCourse Systems for Education

    Prolexic succeeded where two other mitigation firms failed

    DOWNLOAD CASE STUDY >>
Announcements
  • Inside Prolexic’s Security Operations Center

    Watch the video tour to see where we receive calls and stop DDoS attacks.

    LEARN MORE >>
  • Webcast: How to Survive a DDoS Attack

    Featuring: Gartner Analyst, Lawrence Orans and SpaFinder CEO, Pete Ellis 31:46

    LEARN MORE >>
  • Get a Free RSA 2014 Expo Hall Pass Today from Prolexic!

    Make Prolexic Booth 1433 Your First Stop!

    LEARN MORE >>
  • Prolexic, Akamai Team Up for a Safer Internet

    Deal expected to close in first half of 2014

    LEARN MORE >>