New research by Arbor Networks counted 274 distributed denial-of-service (DDoS) attacks measuring 100 Gbps or higher and 46 attacks at 200 Gbps or higher in the first half of 2016.

The peak attack reported by Arbor Networks so far in 2016 was at 579 Gbps. That is significantly higher than the peak reported in 2015.

During the survey period, 80 percent of DDoS attacks lasted 30 minutes or less. Nearly all lasted less than an hour, Arbor Networks reported.

DDoS Attacks Growing in Volume

The overall average DDoS attack volume in the first half of 2016 now stands at 986 Mbps. However, Arbor forecast that the average for the full year will grow to 1.15 Gbps.

“While attackers use many different technologies to achieve high levels of bandwidth, the most common approach is a domain name system (DNS) reflection attack,” eWeek noted. “For attacks more than 10 Gbps, the United States, France and the United Kingdom are the top targets, while overall across all DDoS attacks, the United States, Korea and China are the top three targeted countries.”

Attackers using DNS reflection can amplify a DDoS attack through the abuse of a misconfigured DNS service to reflect and forward requests. This is how it generates more attack bandwidth.

An Old, Creaky System

According to Arbor, the top target for DDoS attacks in the first half of 2016 was Port 80, which is the port routinely used for HTTP web traffic. In second place is Port 53, which is typically used with DNS.

DNS is an old, creaky system that holds the internet together, so it’s no surprise to learn that attackers can fool it. DNS must improve in general, not only to prevent DDoS misuse, but also to avoid other switching problems and keep the wheels of the internet running.

This recent report from Arbor Networks highlighted how the existing DNS implementations can aid and abet the inherent friction in the internet’s distribution system. Organizations must be prepapred to thwart these attacks