Complexity and volume of attacks continues to grow

Report revealed the share of complex multivector attacks rose to 65% by the end of the year.

  • 4 years ago Posted in
Link11 has released findings from its annual DDoS Report for 2019, which revealed a rising number of multivector and cloud computing attacks over the last twelve months.

 

The latest Link11 DDoS report is based on data from repelled attacks on web pages and servers protected by Link11’s Security Operations Center (LSOC). Key findings from the annual report include:

 

·         Multivector attacks on the rise: The share of multivector attacks – which target and misuse several protocols - grew significantly from 46% in the first quarter to 65% in the fourth quarter.

 

·         DNS amplification most popular for DDoS attackers: DNS amplification was the most used technique for DDoS attackers in 2019 having been found in one-third of all attacks. The attackers exploited unsecure DNS servers, of which there were over 2.7m worldwide by the end of 2019, according to the Open Resolver Project.

 

·         Average attack bandwidth increases: The average bandwidth of attacks keeps increasing by more than 150% within four years, reaching 5 Gbps in 2019, up from 2 Gbps in 2016. The maximum attack volume has also nearly doubled compared to 2018; from 371 Gbps to 724 Gbps.

 

·         Attacks on corrupted cloud servers rising: The proportion of DDoS attacks that involved corrupted cloud servers was 45% between January and December; this is a 16% increase over the same time period the previous year. The proportion rose to 51% over the last six months of 2019. The number of attacks traced to cloud providers was roughly proportionate to their relative market share, with more cases of corrupt clouds registered for AWS, Microsoft Azure and Google Cloud.

 

·         The longest DDoS attack lasted 6,459 minutes; more than 100 hours.

 

The data showed that the frequency of DDoS attacks depends on the day of the week and time of the day, with most attacks concentrated around weekends and evenings. More attacks were registered on Saturdays, and between 4pm and midnight on weekdays.

 

There was also a number of new amplification vectors registered by the LSOC last year including WS–Discovery, Apple Remote Management Service and TCP amplification, with registered attacks for the latter doubling compared to the first six months of the year. The LSOC also saw an increase in ‘carpet bombing’ attacks in the latter part of 2019, which involves a flood of individual attacks that simultaneously target an entire subnet or CIDR block with thousands of hosts. This popular method spreads manipulated data traffic across multiple attacks and IPs. The data volume of each is so small that it stays under the radar and yet the combined bandwidth has the capacity of a large DDoS attack.

 

Marc Wilczek, COO of Link11 said: “There was a noticeable surge in attack bandwidths and volumes, and in multivector attacks in 2019, due in part to the increased malicious use of cloud resources and the popularity of IoT devices. The growing trend for attackers to use methods that strike at the network and application level means organizations need to invest in protective solutions that are designed to detect multi-layer anomalies and networked security mechanisms.”

Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
73% of organizations lack automated patch management, and 62% experienced incidents involving...
Quest Software has signed a definitive agreement with Clearlake Capital Group, L.P. (together with...
Dell EMC PowerProtect Cyber Recovery for AWS provides a fast, easy-to-deploy public cloud vault to...
Aqua’s cloud native application protection platform becomes the only solution that protects cloud...
54% of organisations working on a security transformation project now or in the next 12 months.
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Zscaler Zero Trust exchange cloud-based architecture enables superior green security capabilities...