Nineteen distributed denial-of-service (DDoS) attacks exceeded 100 Gbps during the first three months of the year, hitting a new record, according to researchers from Akamai.
The year prior, just eight attacks were over 100 gigabit per second, the firm said.
In its latest state of the internet report [pdf], the content delivery network provider analysed more than two petabytes of threat intelligence data and found the total number of DDoS attacks increased by over 125 per cent year on year in the first quarter of 2016.
Most of the attacks were achieved through abusing vulnerable network time protcol (NTP) servers, using reflection to amplify small queries into responses with large amounts of data that are redirected at victim systems and networks.
Attackers are also increasingly sophisticated, using multiple vectors and varying packet sizes and rates to further tie up router capacity and resources. Six attacks exceeded 30 million packets per second, while two were larger than 50 Mpps.
Denial of service attacks via so-called booter and stresser sites are cheap: Akamai quoted one example of a site that advertised 7200 second DDoS attacks for US$69.99, which is around 58 US cents a minute.
As in the past, the online gaming industry bore the brunt of DDoS attacks. Extortionists were also using the threat of DDoS attacks to scare site operators into paying ransom, with copycat blackmailers appearing throughout the last year.
China was the most prolific source of DDoS attacks in the first quarter of 2016, accounting for 27 percent of incidents noted by Akamai, followed by the United States and Turkey.