DDOS attacks to intensify in 2017

By Sibahle Malinga, ITWeb senior news journalist.
Johannesburg, 09 Feb 2017
DDOS methods are becoming more sophisticated, says a Kaspersky Lab report.

Distributed Denial of Service (DDOS) methods are becoming more and more sophisticated. There were significant advances in DDOS attacks from October to December 2016 globally. This period saw record-breaking numbers for the longest attack and the number of attacks in one day.

This is according to Kaspersky Lab's Q4 2016 DDOS Intelligence report, which found DDOS methods are becoming more and more sophisticated and the array of devices being harnessed by botnets is increasingly diverse, while the attackers show off their capabilities by choosing bigger and more prominent targets.

The fourth quarter of 2016 saw the longest DDOS attack of the year, which lasted for 292 hours (or 12.2 days). The 2016 record for the number of DDOS attacks in one day was also broken, with 1 915 attacks launched on 5 November last year, notes the report.

Kaspersky Lab's experts predict that the trends toward increasingly complex DDOS attacks and greater numbers of Internet of things (IOT) botnets will continue in 2017.

"IOT devices have the potential to launch DDOS attacks of any complexity, including application layer and encrypted attacks," says Kirill Ilganaev, head of Kaspersky DDOS protection, Kaspersky Lab. "Given the effectiveness of IOT botnets, as well as the growing number of poorly protected IOT devices, we can reasonably predict an increase in the number of such attacks as well as their power and complexity. That means companies need to take care of their protection in advance, and take a scrupulous approach to choosing their DDOS attack filtration service."

According to the research, Q4 2016 was rich in noteworthy DDOS attacks against a broad range of targets, including Dyn's Domain Name System, Deutsche Telekom and some of Russia's largest banks. These companies were among the first victims of a new trend - DDOS attacks launched via huge botnets made up of vulnerable IOT devices, of which Mirai is one example. The approach used by the creators of Mirai has provided the basis for numerous other botnets made up of infected IOT devices, adds the report.

The increasing number of attacks involving IOT devices was just one of the major trends seen in Q4. Throughout the quarter, there was a significant decrease in the number of amplified DDOS attacks, which were popular in the first half of the year. This decline is a result of improved protection against such attacks and fewer vulnerable servers available to cyber criminals.

According to a report issued by F5 Networks, DDOS attacks in the Europe, Middle East and Africa (EMEA) region witnessed an uptick in the last quarter of 2016, and are set to intensify in 2017.

"In 2016 to date, F5 Networks handled and mitigated 8 536 DDOS instances. One of the attacks featured among the largest globally - a 448Gbps user datagram protocol and Internet control message protocol fragmentation flood using over 100 000 IP addresses emanating from multiple regions," revealed the company's Security Operations Centre report.

The report explains that the incident highlights a growing trend for global co-ordination to achieve maximum impact, with IP attack traffic stemming largely from Vietnam (28%), Russia (22%), China (21%), Brazil (15%) and the US (14%).