Report: DDoS attacks now MORE ANGRY, complex and targeted
Less like the Hulk, more like Iron Man
Regcast training : Hyper-V 3.0, VM high availability and disaster recovery
The days when attackers relied on sheer bandwidth volume alone to knock out websites are over, with miscreants increasingly using application-layer and multi-vector attacks.
The latest annual study from DDoS attack protection company Arbor Networks reports that 46 per cent of respondents said they had experienced multi-layer attacks in the year up to the end of September 2012, markedly up from the 27 per cent recorded in the year before. The largest attack reported was 60 Gbps, the same figure as 2011.
In 2010, the peak attack hit a bumper 100 Gbps.
Instead of concentrating on upping the noise, the bad guys have switched tactics towards application-layer (targeting web services, mostly) and multi-vector attacks rather than less sophisticated packet flood attacks, Arbor said.
Data centres and cloud services are increasingly getting hit by DDoS attacks, which have traditionally been slung solely against websites. Arbor reports that "distributed denial of service (DDoS) attacks have plateaued in size but become more complex" adding that "data centre and cloud services are especially attractive targets". The vast majority (94 per cent) of data centre operators polled by Arbor Networks reported they had been hot by attacks during the study period.
DDoS attacks are used by a variety of players from hacktivists to cybercriminals using packet floods as a means of extortion to business rivals of targeted companies. Arbor reports that e-commerce and online gaming sites are among the most common targets of attack.
Arbor's study, generally regarded as one of the best of its type, is based on survey data provided by network operators from around the world that use its technology to fend off DDoS attacks.
The study also found that DNS (Domain Name Server) infrastructure remains vulnerable. More than a quarter (27 per cent) of respondents experienced customer-impacting DDoS attacks on their DNS infrastructure—a significant increase over the 12 per cent of respondents from previous year’s survey.
Arbor Network's eight annual Worldwide Infrastructure Security Report report can be found here. ®
COMMENTS
I like this new conjugation
"The vast majority […] reported they had been hot by attacks during the study period."
So much better than the bland version. I hit, I hat, I have hot.
Tut tut
This story was published by SC Magazine on the 29th!
Come on El Reg, keep up!
Only just figured this out?
Web services are usually easy targets, since theres the issue of 'upgrading the platform' but 'forgetting' to upgrade the code running through the platform to suit, so they rarely do either usually, unless its break-fixing, mainly due to service level agreements.
I severely doubt application layer/multi vectors or spoofing or poisoning attacks are any "new" tactic, but it would make, theoretically, logical sense to get the maximum bang for your buck in the "criminal underworld"?
DNS specs have changed considerably in the last 10 years and the invention of IPv6, this is why some networks have modified their servers for their clients 'stupidity' without knowing/measuring the full extent of their changes.
IT infrastructure monitoring strategies
Agentless Backup is Not a Myth
Top 10 SIEM implementer’s checklist
Steps to Take Before Choosing a Business Continuity Partner
Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider
