DDoS Attacks Get Amplified, Extortion Threats and Bit-and-Piece Attacks Rise

State of DDoS attacks in H1 2020

• In a recent report, Neustar revealed that the first half of 2020 saw a 151% rise in the number of DDoS attacks compared to the same period in 2019.
• The longest of all the attacks, which was recorded at 1.17 Tbps, lasted for 5 days and 18 hours.
• Furthermore, Akamai disclosed that the number of attacks over 100 Gbps and the variety of other DDoS attacks reached up to 30 in a month during H1 2020.

DDoS extortion threat emerges from the shadow

• In early-September, the FBI released a flash warning about unprecedented levels of DDoS extortion attacks against multiple industries.
• The agency revealed that thousands of organizations had faced such incidents, where malicious actors threatened them with DDoS attacks if a ransom was not paid.
• Also termed as Ransom Denial of Service (RDoS), the attacks were carried out in the name of Armada Collective, Cozy Bear, Fancy Bear, and Lazarus threat actor groups.
• The targeted organizations included financial, retail, hospitality, retail, and travel sectors in North America, APAC, and EMEA.
• In late-August, ZDNet reported massive DDoS extortion attacks against money transfer services such as MoneyGram, YesBank India, Worldpay. PayPal, Braintree, and Venmo.

A shift in the attack pattern observed

• According to the latest report from Nexusguard, there has been a 570% increase in bit-and-piece DDoS attacks in Q2 2020.
• This indicates that attackers are adopting smaller and more complex UDP-based attacks and other amplification attacks to maximize the impact of collateral damage on target networks.
• These types of sophisticated attacks can be a major challenge for communications service providers (CSPs) as they typically employ threshold-based detection.

What to infer from this?