Marzena Trembecka
Marzena Trembecka

Ddos attacks in q2 2017

Q2 2017, as far as cybersecurity is concerned, compared to the previous years, is not optimistic. How do the statistics of conducted DDoS attacks look like in Q2 2017?

Kaspersky Lab report “IT threat evolution Q2 2017” demonstrates that there are more cyberattacks directed at China and USA. The longest DDoS attack in Q2 2017 lasted 277 hours what means 131% increase compared to the previous quarter.

DDoS attacks divided into countries

Significant increase in DDoS attacks directed at China from 55.11% in Q1 to 58.07% in Q2 and at USA from 11.37% to 14.04% in Q2. Nearly 50% increase in attack at Hong Kong from 1.37% to 2.38% and Great Britain from 0.77% to 1.38%. South Korea registered the drop in cyberattacks from 22.41% in Q1 2017 to 14.17% and Russia from 1.60% to 1.23%.

Sunday - hackers' favourite day

The number of attacks from April to June 2017 ranged from 131 to 904. The most popular day of conducting attacks was Sunday (15.57% of all the attacks) and Thursday (15.39%). The fewest attacks were conducted on Monday (11.78%). In Q1 2017 the most popular day for DDoS attacks was Saturday (16.05%), whereas on Monday(12.28%) and Wednesday (12.68%), there were the fewest attacks.

Most frequently used types of DDoS attacks

The significant increase in the types of DDoS attacks was SYN. In Q1 it was 48.07% and in Q2 it increased to 53.26%. The attacks of UDP type also increased (from 8.71% to 11.91%) and HTTP (from 8.43% to 9.38%). The share of TCP type attacks dropped from 26.62% to 18.18% among all DDoS attacks.

The longest registered attack lasted 277 hours; this is 157 hours longer than the longest attack in the Q1. The share of attacks lasting 4 hours or less increased to 85.93%. Whereas, attacks lasting 5-9 hours are maintained at the same level of 8.35% (in Q1 it was 8.45%).


While comparing Q1 and Q2 2017, there were no significant changes within cybersecurity and DDoS attacks. In the preceding period, most of detected attacks came from China and they were also directed at China.

While observing the behaviours of companies and institutions in the case of a cyberattack or cyberattack threats, some companies were ready to pay the demanded money to hackers. It generates an enormous wave of frauds and money extortion under the threat of conducting a cyberattack.

How to protect against cyberattacks?

First of all, take care of proper data security. Create data back-up copies regularly. It is worth educating employees within cybersecurity: not opening e-mails from unknown sources, using passwords which are the combination of digits, letters and special characters and not logging to the public Wi-fi network from business devices.

In the event of an attack – not responding to hackers' demands and not paying any ransom. Proper security measures and using the external anti-cyberattack security will ensure security and reduce the risk of cyberattack occurrence.

Andrzej Prałat
Marzena Trembecka

For media

Provide us with contact details.

Thank you