While the seemingly increasing rash of ransomware attacks impacting government organizations and entities has dominated much of the news cycle, there is another threat that is less trendy but equally harmful to government organizations. That threat is the Distributed Denial of Service (DDoS) attack – which is an attack that aims to take an application or network device out of service by flooding its bandwidth or resources.
According to a new report by NETSCOUT, a leader in application and network performance and cybersecurity solutions, while DDoS attacks may not be making headlines, that doesn’t mean that they’re going away. In fact, NETSCOUT’s recently released Threat Intelligence Report finds that these attacks have, “…grown in frequency each year for the past five years.”
Even more frightening is the fact that the attacks and the individuals perpetrating them are becoming increasingly sophisticated and have a vast new ecosystem of tools and technologies at their disposal. These new tools make launching DDoS attacks simple and make the attacks themselves even more debilitating.
As NETSCOUT explains in the report, “…it takes shockingly little to launch an effective attack; most use less than 3 percent of available resources in that attack vector.”
And launching an attack should only get easier as the Internet of Things (IoT) trend continues. The report estimates that 20.4 billion devices will be connected to the internet in 2021, all with the potential to be made soldiers in bot armies by malware authors, who the report claims are, “…ready and waiting with new strains and capabilities to target the growing diversity of products.”
NETSCOUT is uniquely positioned to identify and report of this DDoS activity thanks in large part to the company’s Active Threat Level Analysis System (ATLAS) and its ATLAS Security Engineering & Response Team’s (ASERT) – a team of analysts and engineers that analyze the Internet-connected world to deliver insight into ongoing threat landscape activity.
Overall, the report identified a 16 percent increase in global DDoS activity, along with six threat landscape “key findings.” Here are the first three of those findings, directly from the report:
Lucky Seven for Attackers
Attackers weaponized seven new or increasingly common UDP reflection/amplification attack vectors in 2019. They also combined new variations of well-known attack vectors—all while remaining operationally efficient and launching pinpoint-focused DDoS attacks.
New Methods Pump Up and Attacks, Bypass Traditional Defenses
Attackers not only combined attack vectors but also made them stronger than the sum of their parts by combining TCP reflection/amplification attacks with carpet-bombing techniques.
Meanwhile, adversaries using advanced reconnaissance discovered how to use the client services of well-protected targets like Internet Service Providers (ISP) or financial institutions to amplify attacks against specific enterprises and network operators.
ISPs and Satellite Telecom Pay the Price
Carpet-bombing tactics are reflected in the increased attack activity seen in vertical sectors such as satellite telecommunications, which sustained a 295 percent increase in attack frequency. This is likely a reflection of carpet-bombing attacks on financial institutions in countries across Europe and Asia Minor, in which satellite telecom companies experienced significant collateral damages.