Q1 2013 was quite notable for DDoS attacks. The most formidable distributed denial of service (DDoS) attacks – ever – occurred in the first quarter of 2013; more than 10 percent of attacks exceeded 60 Gigabits per second (Gbps), and volumetric bandwidth averaged an attention grabbing 48.25 Gbps.

1. Overview of Prolexic Quarterly DDoS Attack Report: Q1 2013
Introduction
Q1 2013 was quite notable for DDoS attacks. The most formidable distributed denial of service
(DDoS) attacks – ever – occurred in the first quarter of 2013; more than 10 percent of attacks
exceeded 60 Gigabits per second (Gbps), and volumetric bandwidth averaged an attention
grabbing 48.25 Gbps. Additionally, the notorious DDoS attack on Spamhaus.org occurred this
quarter.
One of the most important trends was the targeting of internet service providers (ISPs) and
carrier router infrastructures. Packets-per-second (PPS) were notable as well (see the full
report). Most DDoS mitigation equipment is limited by PPS capacity. Even routers carrying
traffic to DDoS mitigation equipment would be strained at the level seen in Q1 2013. However,
because Prolexic operates upstream in the cloud, it typically intercepts traffic long before an
attack saturates carrier networks, making Prolexic one of the few companies in the world that
can mitigate the high-level of DDoS traffic experienced in Q1 2013.
Analysis of Attack Types
In Q1 2013, attackers favored launching infrastructure (Layer 3 and Layer 4) attacks directed
against bandwidth capacity and routing infrastructure more so application layer attacks.
However, application attacks were still significant. Favored attack types were SYN, GET, UDP,
and ICMP floods. (Download the full report for details.)
DDoS Attack Frequency in Q1: 2013 vs 2012
Prolexic mitigated the most DDoS attacks ever in Q1 2013. March accounted for 44 percent of
the Q1 2013 attacks. The most active week for DDoS attacks in Q1: March 19-26, as shown
below.

2. Overview of Prolexic Quarterly DDoS Attack Report: Q1 2013
Top Ten Source Countries: DDoS Attacks in Q1 2013
The first quarter revealed China as the leader of malicious traffic with 40 percent of sourced
botnet activity. The U.S. and Germany were second and third, respectively, as shown below.
Read the full Q1 2013 Global DDoS Attack Report for more details, including:
• Average and trends in attack duration and bandwidth
• Total number and trends of attacks by type
• Year-over-year and quarter-over-quarter comparisons
• Case study 1: An enterprise attack
• Case study 2: Metrics from a DNS reflection and amplification attack against Prolexic,
including a heat map of source countries for this attack.
• A forward look at emerging DDoS trends
About Prolexic
Prolexic Technologies is the world’s largest and most trusted distributor of DDoS protection and
mitigation services. Learn more at www.prolexic.com.
About PLXsert
Prolexic Security and Engineering Response Team (PLXsert) monitors the global malicious
cyber threats and actively analyzes DDoS attacks using proprietary techniques and equipment.