Looking at the latest DDoS attack statistics from CloudFlare’s network, it seems that hackers love the holidays.
Zooming in on November and December 2012 it’s not hard to spot when Thanksgiving 2012 happened. Fully 1/5 of the attacks that CloudFlare saw in November and December (so far) happened on the Thursday and Friday of Thanksgiving:
In the past we’ve seen drops in DDoS attacks on some holidays because the home and office machines used as bots in those attacks have been turned off. For example, this year we noticed a large drop in attack activity on Earth Day (when people are encouraged to switch off their machines to save the planet). But this year’s Thanksgiving attack statistics indicate that plenty of hacked machines were online through the holiday.
But what does this tell us about the coming Christmas holiday period? To answer that we can look back to December 2011. CloudFlare has DDoS data for December 11, 2011 to January 1, 2012 which shows two distinct peaks of attack activity: one just before Christmas and one just after.
So, if 2011 is a guide DDoS attackers will be taking a few days off over Christmas, but will be keeping the pressure on just before and immediately after. That’s probably not a surprise as some fo the attackers will be attempting to disrupt businesses during critical periods for pre- and post-Christmas sales.
Even though there’s a Christmas lull, that doesn’t mean that CloudFlare staff will be letting down their guard, however. We’ll be here working to ensure that whenever attacks arise and from whereever we’re ready to absorb and deflect them.
John Graham-Cumming is the lead programmer at CloudFlare, the content delivery and security network. Prior to CloudFlare he worked at a number of startups and created the award-winning POPFile email machine learning software. He knows way too much about GNU Make having self-published a book entitled GNU Make Unleashed. He joined CloudFlare to take on the task of ‘patching the Internet.’