500Gbps DDoS attack flattens world record

Booter blasters belt businesses.

The world's largest distributed denial of service attack has been clocked at 500Gbps, according to Arbor Networks.

The attack was reported by a third party and is yet to be analysed, other than in terms of its size.

British teen Seth Nolan-Mcdonagh likely held the title for the previous largest DDoS, which came in at 300Gbps. He was arrested and ducked jail after he knocked SpamHaus off the internet.

The annual Arbor survey (PDF) (or here if you want to hand over some data before downloading) gathered 354 responses from service providers, hosts and mobile service providers around the world in the 12 months to November last year.

"The largest attack reported by a respondent this year was 500Gbps, with other respondents reporting attacks of 450Gbps, 425Gbps, and 337Gbps," the report states.

"This continues the trend of significant growth in the top-end size of DDoS attacks year-over-year.

"Last year, we highlighted that 20 percent of respondents reported attacks over 50 Gbps … this year nearly one-quarter of respondents report peak attack sizes over 100 Gbps."

Five respondents said they detected DDoS attacks above 200Gbps with a large number reporting attacks over 100 Gbps.

Arbor Networks notes attacks against cloud-based services are rising, up by a third over the previous year.

Reflection and amplification attacks exploiting vulnerabilities in the network time protocol remain popular. Servers are continually being patched against the attack which allows attackers to gain a large response to a small query and direct it at a target of their choosing.

“... the findings from this report underscore that technology is only part of the true story since security is a human endeavour and there are skilled adversaries on both sides," Arbor Networks security chief Darren Anstee says.

The network security outfit says DDoS attackers are more motivated by financial extortion than the hacktivism or vandalism prevalent in past years, launching more complex multi-vector simultaneous attacks against infrastructure, applications, and services.

Almost all respondents found application-layer DDoS attacks, mostly targeting DNS services rather than web servers.

Those DNS attacks caused customer outages in a third of cases compared to a quarter the previous year.

More than half of respondents said DDoS attacks saturated their internet connectivity, knocking over enterprise stateful and inline firewalls. Arbor says those devices are often the first victims of DDoS attacks and being inline actually add to network latency. ®

Sponsored: Webcast: Why you need managed detection and response

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER


Keep Reading

A person wearing a mask next to map of China

Roses are red, IBM is Big Blue. It's out of RSA Conference after coronavirus review: IBMers will not attend infosec event over 'health concerns'

Updated Who will join the IT giant in staying away from San Francisco?
virus

RSA Conference loses one more abbreviated tech giant after AT&T disconnects over novel coronavirus fears

RSA Alternative headline: Killer bio-nasty linked to former alien vault and cyber-hacker gathering
A group of happy corporate looking types celebrate

Enterprise skinflints, rejoice: AWS slashes cost of disaster recovery, Kubernetes services

CloudEndure DR gets cheaper, new host-level backup for VMs as AWS looks to lock 'em in
People in face masks

California tech industry gets its first big coronavirus hit: RSA Conference attendee infected, in serious condition

Updated NASA also struck, more conferences cancelled, WISPA is moving ahead
RSA history wall, photo: RSA

No way, RSA! Security conference's mobile app embarrassingly insecure

Sorry about the hard-coded passwords, can we sell you some crypto now?
rivest

'I give fusion power a higher chance of succeeding than quantum computing' says the R in the RSA crypto-algorithm

RSA Expert panel sesh turns heated on infosec conference's opening day
panel

Adi Shamir visa snub: US govt slammed after the S in RSA blocked from his own RSA conf

RSA 'If someone like me can't get in to give a keynote, perhaps it's time we rethink where we organize our events'
Tesla powerwall2

Rowhammer rides again as FPGA attack, RSA again reportedly up for sale, anti-theft kit to nuke laptops, etc

Roundup Including: Tesla and a town hit hard by spear-phish bridge scammers

Biting the hand that feeds IT © 1998–2020