Security News

Attackers shifted tactics in Q2 2020, with a 570% increase in bit-and-piece DDoS attacks compared to the same period last year, according to Nexusguard. Perpetrators used bit-and-piece attacks to launch various amplification and elaborate UDP-based attacks to flood target networks with traffic.

The increase was felt across all size categories, with the biggest growth happening at opposite ends of the scale - the number of attacks sized 100 Gbps and above grew a whopping 275% and the number of very small attacks, sized 5 Gbps and below, increased by more than 200%. Overall, small attacks sized 5 Gbps and below represented 70% of all attacks mitigated between January and June of 2020. The rise in smaller DDoS attacks has been matched by increases in attack sophistication and intensity.

Neustar's Security Operations Center saw a 151 percent increase in DDoS activity in the period, including one of the largest and longest attacks that Neustar has ever mitigated - that attack came in at 1.17 terabits-per-second, and lasted five days and 18 hours. DDoS attacks are getting bigger, with what Neustar said is a "Noticeable spike" in volume: The number of attacks sized 100Gbps and above grew a whopping 275 percent.

Without early threat detection, you may not know your website has been hit by a DDoS attack until it slows down or stops, says NordVPN Teams.

Encrypted email biz Tutanota has apologised for accidentally shutting its own users out while fending off the latest of a series of distributed denial-of-service attacks. "It is a challenge to protect a privacy-focused service such as Tutanota from DDoS attacks because we need to block high-level application attacks ourselves," co-founder Matthias Pfau told The Register.

New Zealand's stock exchange has closed for a third day thanks to a distributed denial-of-service attack. The exact nature of the incident is not known: an NZX spokesperson told The Register that "Network connectivity issues relating to DDoS cybersecurity attacks" were behind the decision to close the market after around 70 minutes of Thursday today.

To handle the CDN log data spikes inherent with DDoS attacks, organizations often guesstimate how much compute they may need and maintain that higher level of resource for their logging solution. The security team would then use Kibana to interact with the Cloudflare log data to triage DDoS attacks as they occur.

Without early threat detection, you may not know your website has been hit by a DDoS attack until it slows down or stops, says NordVPN Teams. Trying to mitigate a DDoS attack after it's already begun can cost an organization a huge amount of time, money, and resources.

Cybercriminals claiming to represent well-known threat groups such as Fancy Bear and Armada Collective have been threatening organizations with distributed denial of service attacks, Akamai warns. Similar to extortion groups that operated in the past, the attackers would contact victim companies warning them of an imminent DDoS attack on their infrastructure, unless a ransom was paid.

According to the latest Kaspersky quarterly DDoS attacks report, DDoS events were three times more frequent in comparison to the second quarter last year, and were up 30 percent from the number of DDoS attacks observed in the first quarter of 2020. The typical annual trend for DDoS is for attacks to spike at the beginning of the year, during the peak season for businesses; while they tend to fall off in late spring and summer.