Web Stats and DDoS Facts

The first quarter of 2014 is over and we have the latest updates from Netcraft and Prolexic. In April 2014, there were 958M websites, almost crossing the one billion mark. Next, Prolexic published its 36 page DDoS Report for Q1 of 2014. The key points are summarized below. The takeaways from the DDoS report; 54% of all attacks monitored by Prolexic occurred against the Media and Entertainment industry, followed by Software and Technology Industry, enduring 17% of the attacks.

On the DDoS front, application layer attacks accounted for 13% of all attacks, with infrastructure layer attacks accounting for the remaining 87%. The DDoS attacks against the infrastructure are much higher due to the fact that DDoS-for-hire services make it easier for threat actors to launch attacks with fewer resources and less skill.  

  April 2014 Web Server Market Share – Netcraft
  • 958,919,789 Websites
  • 39M more sites than last month
  • Apache accounted for 361,853,003 websites – 37%
  • Microsoft IIS accounted for 316,843,695 websites – 33%
  • Nginx accounted for 146,204,067 websites – 15%)
2014 Q1 Prolexic DDoS Report Snapshot
  • 3 Protocols have been used extensively in Q1: Character Generator (CHARGEN), Network Time Protocol (NTP) and DNS, that are based on UDP
  • The protocols above enable attackers to hide their identify through spoofing
  • Largest attack on Prolexic was in Q1 that came in at 200Gbps, over a 10 hr period, at 53.3 million packets per second
  • DDoS-as-a-service enables threat actors to inflict more damage with fewer resources and minimal skill
  • Application layer attacks require more skill
  • In Q1 2013 CHARGEN and NTP were not observered. In Q1 2014, CHARGEN and NTP accounted for 23% of all infrastructure attacks
  • Attacks against media and entertainment accounted for 54% of all attacks
  • Asia PAC accounted for 60% of all attacks
  • Infrastructure-layer attacks accounted for 87% of the attacks, while application layer attacks account for 13%
  • DDoS Attacks per Industry: Media-54%, Software and Technology-17%, Security-12%, Finance-9% and Gaming-7% Web Stats and DDoS Facts