DDoS Attack Trends for 2020 | F5 Labs
- by nlqip
The Largest DDoS Attack of 2021 So Far
The largest attack the SOC team encountered over the past 15 months came in February 2021 and targeted a technology company that provides information security services for gaming and gambling organizations. The onslaught peaked at 500 Gbps, or half a terabit per second.
Threat actors, possibly disgruntled customers, threatened the victim with an imminent attack via text message. They claimed that if the victim did not pay a ransom, they would launch a DDoS campaign. While some threats and ransom demands are nothing more than a ruse, it is common for cybercriminals to demand payment in order to obviate the DDoS attack. In this case, the threat was real, and the attackers immediately launched a 4 Gbps SYN flood attack as a warning shot; within five days of this, the siege began. Beginning early February and lasting almost the entire month, attack after attack kept coming, with the threat actors adding more and more vectors. Eventually, the attacks peaked at 500 Gbps and included a multivectored barrage of volumetric UDP, LDAP reflection, DNS reflection, NTP reflection, and UDP fragmentation attacks.
Increasing DDoS Complexity
Web apps, served over HTTP and HTTPS, accounted for 17% of application attacks, though the majority, 83%, targeted DNS servers. Generally speaking, it can be extremely difficult to identify which requests to an application are genuine and which are malicious, since many organizations cannot identify which web requests come from genuine users and which come from malicious automated bots. It is no surprise, therefore, that we see more support calls placed to the F5 SIRT seeking assistance in dealing with application DDoS than any other DDoS type. Last year over 50% of all DDoS support cases were attributed to application DDoS (combining web, API, SSL/TLS, and DNS DDoS attacks). Thirty percent alone were for HTTP/HTTPS-based DDoS attacks (see Figure 6). When comparing this with the number of HTTP/HTTPS DDoS attacks shown in Figure 3, it is evident that detecting and blocking these attacks is disproportionately more difficult than blocking volumetric-based DDoS.
Source link
lol
The Largest DDoS Attack of 2021 So Far The largest attack the SOC team encountered over the past 15 months came in February 2021 and targeted a technology company that provides information security services for gaming and gambling organizations. The onslaught peaked at 500 Gbps, or half a terabit per second. Threat actors, possibly disgruntled…
Recent Posts
- Windows 10 KB5046714 update fixes bug preventing app uninstalls
- Eight Key Takeaways From Kyndryl’s First Investor Day
- QNAP pulls buggy QTS firmware causing widespread NAS issues
- N-able Exec: ‘Cybersecurity And Compliance Are A Team Sport’
- Hackers breach US firm over Wi-Fi from Russia in ‘Nearest Neighbor Attack’