More concerns arise over DDoS threats facing enterprises and service providers
According to data released by distributed denial of service (DDoS) security provider Black Lotus, average packet volume for DDoS attacks increased 340% and average bit volume shot up 245% in the final quarter of 2014.
The attacks, which appeared in the Black Lotus Q4 2014 Threat Report, were described by Shawn Marck, co-founder and chief security officer at Black Lotus, as “smokescreens for other underhanded activity.”
The largest attack drew 41.1 gigabits per second in bit volume and an eye watering 36 million packets per second. In comparison, an average attack was comprised of 12.1 Gbps and 4.36 Mpps. Despite this, Q4 was the first quarter an average attack went over 10 Gbps, which Black Lotus noted was “alarming.” The most common DDoS attack type was a UDP flood (53%), followed by a SYN flood (15%) and HTTP get flood (14%).
Overall in Q414 there were 143,410 confirmed DDoS attacked mitigated on the Black Lotus network – but that was only 12% of the overall 1.1 million attacks registered throughout the course of the year. 49% of the attacks in Q4 were regarded as severe. This represents relatively good news from the Black Lotus perspective, although the warning over threats remains.
“Instead of taking on the shotgun approach, the attacks were by far more targeted and severe as demonstrated by the significantly higher peak packet volume,” the researchers write. “When more effective zero day attacks do not exist, attackers will often fall back to tried and true methods of attacking systems such as SYN floods and application layer attacks which are often launched in tandem.”
The researchers noted the ‘up-and-coming’ countries for DDoS attacks were Vietnam, India and Indonesia, adding that the prevalence of compromised endpoint devices make them prime sources of newly created botnets, even if they don’t have a large enough bandwidth to launch massive volumetric DDoS attacks.
According to Marck, even though the latest battle has been won, the war still rages on. “With networks and IT teams becoming defter at spotting and stopping volumetric attacks, cybercriminals are turning to blended approaches to confuse organisations, often using DDoS attacks as smokescreens for other underhanded activity,” he said.
A report from Arbor Networks in January found DDoS attacks growing in size, complexity and frequency. 10% of organisations polled said they felt “completely unprepared” to respond to a security incident.
Interested in hearing industry leaders discuss subjects like this and sharing their use-cases? Attend the co-located IoT Tech Expo, Blockchain Expo, AI & Big Data Expo and Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam and explore the future of enterprise technology.
- » How Walmart – among others – fell victim to recent customer phishing scams
- » Hiscox cyber readiness report notes air of cautious optimism among enterprises
- » Security executives want to push forward a password-free future, finds MobileIron
- » How machine learning is helping to stop security breaches with threat analytics
- » Why AI cybersecurity is a leap forward in threat intelligence