Europe is the world's biggest target for DDoS attacks, F5 Networks claims

DDoS Attack on screen
(Image credit: Shutterstock)

Global DDoS attacks soared by 64% last year, security intelligence firm F5 Labs has claimed.

According to customer data from the company's Poland-based security operations centre (SOC), DDoS attacks are continuing to grow worldwide, but evolving moreso in Europe, with over 51% of reported global DDoS attacks happening in the continent.

F5 Networks said the relative drop in power for single attacks could be attributed to the spike in activity, with the firm's SOC reporting multiple attacks of over 100Gbps, with some surpassing 400Gbps.

However, in 2017, the top attack stood at 62Gbps, suggesting a move towards more sophisticated Layer 7 DDoS attacks that are more effective because they have lower bandwidth requirements.

66% of reported DDoS attacks were multi-vector and required sophisticated mitigation tools and knowledge.

"DDoS threats are on the rise in EMEA compared to the rest of the world, and we're seeing notable changes in their scope and sophistication compared to 2016," said F5 SOC Manager, Kamil Wozniak.

"Businesses need to be aware of the shift and ensure, as a matter of priority, that the right solutions are in place to halt DDoS attacks before they reach applications and adversely impact on business operations."

He added that Europe is a hotspot for attacks on a global scale, so there is "minimal scope for the region's decision-makers to take their eyes off the ball".

Another key discovery in the data showed that during Q4 2017 was the extended reach of the Ramnit trojan. Initially built to hit banks, F5 Labs found that 64% of its targets during the holiday season were US based e-commerce sites.

Other new targets included sites related to travel, entertainment, food, dating and pornography.

"Attack vectors and tactics will only continue to evolve in EMEA," added Wozniak.

"It is vital that businesses have the right solutions and services in place to safeguard apps wherever they reside. 2017 showed that more internet traffic is SSL/TLS encrypted, so it is imperative that DDoS mitigation solutions can examine the nature of these increasingly sophisticated attacks."

He added that this will be particularly important in 2018 as the EU General Data Protection Regulations (GDPR) comes into play.