According to a report by A10 Networks, China, Vietnam, and Taiwan were the top sources of distributed denial-of-service (DDoS) botnet activity in Q2 2020.
DDoS weapons are distributed in countries with a higher concentration of internet users. The three nations, China, Vietnam, and Taiwan, accounted for more than a third of all DDoS botnet clients, while the most ubiquitous high-volume floods used amplification attacks.
More than 4.7 million sources in five countries, including the US, China, South Korea, Russia, and India, were used to launch DDoS attacks against victims in Q2 2020, according to the report.
What are amplification attacks?
- This strategy allows the attackers to capitalize on the connectionless nature of the UDP protocol and, in turn, spoof the target’s IP address.
- The most common type of these attacks exploit exposed DNS, SNMP, NTP, SSDP, and CLDAP UDP-based services.
- Researchers have discovered 116 portmap weapons available for every Connection-less Lightweight Directory Access Protocol (CLDAP) weapon.
Some infamous DDoS attacks
- In Q1 2020, Amazon Web Services (AWS) noted a 23% increase in the number of volumetric events. This included a reflection attack with a peak volume of 2.3 TBps.
- In June, a European bank was hit by a massive DDoS attack that generated traffic of 809 million packets per second.
- In the same month, researchers spotted a persistent and organized series of attacks against Docker servers to deploy DDoS malware strains.
The bottom line
With more people working remotely, the issue of disruptive cyberattacks will gain more prevalence. Thus, the rise in DDoS attacks is to be expected by individuals and organizations. Proper security measures, such as sophisticated threat intelligence and network monitoring, will assist organizations in dealing with this threat.