
Gauging Threats in DDoS Landscape Becomes More Challenging

New techniques combined with the ongoing pandemic are making for a thriving landscape for cybercriminals right now. Thwarting DDoS attacks has emerged as one of the top challenges to firms worldwide. Recently, an internet infrastructure company mitigated an attack that was almost three times larger than any previously reported DDoS attack.

What to know about the incident

Cloudflare claimed to have deflected the largest volumetric DDoS attack attempt directed at a financial service firm.
  • It saw 17.2 million requests generated per second from 20,000 bots spread across 125 countries.
  • About 15% of the attack volume originated from Indonesia alone and another 17% from India and Brazil combined.
  • While the firm is investigating to identify the origin of the attack, analysts believe a modified version of the well-known Mirai IoT malware was used.
  • Experts opined that the group behind the attack could be dedicated and well-funded. 

Gauging DDoS threats

Multiple reports and findings give us a peek into the growing DDoS threat landscape. 
  • According to a report from Netscout, the year 2020 saw a 125% rise in the average number of DDoS attacks per month. The trend continued in 2021, with the first quarter recording a 31% spike in DDoS attempts.
  • In another report, Atlas VPN found that the U.S. was a target of 35% of all DDoS attack attempts in June 2021, followed by the U.K. at 29%.
  • In new research, whitehat researchers demonstrated that the TCP protocol in firewalls and other network middleboxes can be exploited by cybercriminals to launch massive DDoS attacks. The research has been dubbed DDoS reflection amplification.
  • Meanwhile, new targeted botnet players in this space pose new threats. For example, the Simps botnet, first spotted in April, has been designed to carry out DDoS attacks on gaming and other sectors.

Recent attacks in the landscape

  • Last weekend, BitMEX, a top peer-to-peer cryptocurrency exchange firm, became the victim of a DDoS attack whose superfluous requests reached over 7 million per minute.
  • After researchers demonstrated a PoC for an authentication bypass flaw earlier this month, the Mirai botnet was found on home routers manufactured by at least 20 vendors and ISPs to carry out DDoS attacks.

Bottom line

DDoS attacks have the ability to bring businesses to a standstill by taking critical systems offline. It is important for organizations to leverage threat intelligence to prepare for known DDoS attackers.

Cyware Publisher
