The last three months of 2016 saw significant progress in DDoS attacks. The methods are becoming more and more complex, the array of devices utilized by botnets γίνεται όλο και πιο ποικιλόμορφη, ενώ οι επιτιθέμενοι αναδεικνύουν τις ικανότητές τους, επιλέγοντας μεγαλύτερους και πιο εμφανείς στόχους. Όλα αυτά, και πολλά άλλα, αναλύονται από τους ειδικούς της Kaspersky Lab in their report on DDoS attacks for the fourth quarter of 2016. 
During that time, Kaspersky Lab's DDoS Intelligence system reported bots-assisted DDoS attacks in 80 countries, up from 67 in the previous quarter. A change was also made in the top 10 countries with the highest number of victims of such attacks, with Germany and Canada replacing Italy and the Netherlands. Three Western European countries (Netherlands, United Kingdom and France) remained in the top ten countries with the largest number of hosted C&C servers for the second consecutive quarter, followed by Bulgaria and Japan in the fourth quarter.
The longest-running DDoS attack in the fourth quarter lasted 292 hours (or 12,2 days), a record size for 2016. The last quarter also saw a record number of DDoS attacks in a single day - 1.915 attacks on November 5. .
Overall, the fourth quarter of 2016 was rich in remarkable DDoS attacks over a wide range of targets, including Dyn's Domain Name System, Deutsche Telekom and some of the largest banks in Russia. Companies were among the first victims of a new trend, namely DDoS attacks that started through huge botnets made up of vulnerable IoT devices, of which Mirai is a typical example. The approach used by Mirai creators has been the basis for many other botnets created by "infected" IoT devices.
The growing number of attacks using IoT devices was just one of the main trends in the fourth quarter. Throughout the quarter, there was a significant reduction in the number of enhanced DDοS attacks, which were popular in the first half of 2016. This size was reduced thanks to better protection against such attacks but also due to the reduced number of vulnerable servers available of digital criminals.
Η θέση που απελευθερώθηκε από τις ενισχυμένες επιθέσεις καλύπτεται από επιθέσεις σε επίπεδο εφαρμογής, συμπεριλαμβανομένων των επιθέσεων WordPress Pingback. Η detection application-level attacks create a much greater challenge because they mimic the activities of real users. The fact that these attacks make more frequent use encryption serves only to increase the level of risk. Encryption dramatically increases the effectiveness of DDoS attacks, complicates the process of filtering from the "unwanted" among many legitimate requests due to the need to decrypt them.
Kaspersky Lab specialists predict that the trend towards increasingly complex DDoS attacks and a larger number of IoT botnets will continue with 2017.
«IoT devices can launch DDoS attacks of any complexity, including application-level attacks and encrypted attacks. Given the effectiveness of IoT botnets, as well as the increasing number of poorly protected IoT devices, we can reasonably anticipate an increase in the number of these attacks as well as their strength and complexity. This means that companies have to take care of their protection in advance, and thoroughly opt for the protection solution for DDoS attack filtering, "said Kirill Ilganaev, Kaspersky Lab Kaspersky Lab's head of Kaspersky DODS Protection.
