DDoS Attacks Intensify

Wednesday, June 8, 2016 @ 12:06 PM gHale


Distributed denial of service (DDoS) attacks continue to grow, with 19 attacks exceeding 100 Gbps during the first three months of the year, almost four times more than in the previous quarter, researchers said.

These huge attacks, which few companies can withstand on their own, were launched using booter or stresser botnets that are common and cheap to rent. This means that more criminals can now afford to launch these attacks.


“In the past, very few attacks generated with booter/stresser tools exceeded the 100 Gbps mark,” said researchers from security provider Akamai in its State of the Internet security report for the first quarter of 2016.

By comparison, there were five DDoS attacks over 100 Gbps recorded during the fourth quarter of 2015 and eight in the third quarter.

Bandwidth is not the only aspect of DDoS attacks that can cause problems for defenders. Even lower-bandwidth attacks can be dangerous if they have a high packet rate.

A large number of packets per second poses a threat to routers because they dedicate RAM to process every single packet, regardless of its size. If a router serves multiple clients in addition to the target and exhausts its resources, that can cause collateral damage.

Along those lines, Akamai found six DDoS attacks that exceeded 30 million packets per second (Mpps), and two attacks that peaked at over 50 Mpps.

DDoS reflection and amplification techniques continue to see action. These involve abusing misconfigured servers on the Internet that respond to spoofed requests over various UDP-based protocols.

Around one in four of all DDoS attacks seen during the first three months of 2016 contained UDP (User Datagram Protocol) fragments. This fragmentation can indicate the use of DDoS amplification techniques, which result in large payloads.

The four next most common DDoS attack vectors were all protocols abused for DDoS reflection: DNS (18 percent), NTP (12 percent), CHARGEN (11 percent) and SSDP (7 percent).
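For defenders, the two measurements discussed above (bandwidth versus packet rate) and the reflection vectors listed can be read straight from flow records. The following is an added example, not code from Akamai's report or this article: the record layout, the `fragment` flag, the addresses and the sample numbers are all constructed, and the 100 Gbps and 30 Mpps thresholds simply echo the figures quoted in the text.

```python
from collections import defaultdict

# UDP source ports of the reflection vectors named in the article.
REFLECTION_PORTS = {53: "DNS", 123: "NTP", 19: "CHARGEN", 1900: "SSDP"}

def classify(flow):
    """Label one flow record by its likely reflection vector."""
    if flow["proto"] != "udp":
        return "other"
    if flow["fragment"]:  # non-initial fragments carry no UDP header, so no port
        return "UDP fragment"
    # Reflected replies reach the victim *from* the abused service's port.
    return REFLECTION_PORTS.get(flow["src_port"], "other")

def summarize(flows, window_s, gbps_limit, mpps_limit):
    """Per-destination bit rate, packet rate, dominant vector and tripped alarms."""
    stats = defaultdict(lambda: {"bytes": 0, "packets": 0, "vectors": defaultdict(int)})
    for f in flows:
        s = stats[f["dst"]]
        s["bytes"] += f["bytes"]
        s["packets"] += f["packets"]
        s["vectors"][classify(f)] += f["bytes"]
    report = {}
    for dst, s in stats.items():
        gbps = s["bytes"] * 8 / window_s / 1e9
        mpps = s["packets"] / window_s / 1e6
        alarms = [name for name, value, limit in
                  (("bandwidth", gbps, gbps_limit), ("packet-rate", mpps, mpps_limit))
                  if value > limit]
        report[dst] = {"gbps": round(gbps, 2), "mpps": round(mpps, 2),
                       "top_vector": max(s["vectors"], key=s["vectors"].get),
                       "alarms": alarms}
    return report

# Constructed sample: one 10-second window of aggregated flows (documentation addresses).
SAMPLE = [
    # Large NTP replies plus trailing fragments: high bandwidth, moderate packet rate.
    {"dst": "203.0.113.10", "proto": "udp", "src_port": 123, "fragment": False,
     "packets": 90_000_000, "bytes": 90_000_000_000},
    {"dst": "203.0.113.10", "proto": "udp", "src_port": 0, "fragment": True,
     "packets": 40_000_000, "bytes": 40_000_000_000},
    # Small packets: modest bandwidth, but a packet rate that stresses routers.
    {"dst": "203.0.113.20", "proto": "tcp", "src_port": 40000, "fragment": False,
     "packets": 350_000_000, "bytes": 21_000_000_000},
]

if __name__ == "__main__":
    for dst, row in summarize(SAMPLE, window_s=10, gbps_limit=100, mpps_limit=30).items():
        print(dst, row)
```

The second destination never approaches the bandwidth threshold yet still trips the packet-rate alarm, which is why both rates need separate monitoring.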
