Free : Threat Intelligence Report

Click here for : Free Threat Intelligence Report

Definition of a DDOS ( Distributed Deniability of Service)_Attack -

A DDoS attack is an attack in which multiple (usually widely dispersed) compromised or infected computer systems (including IoT devices) attack a targeted network, website or other network resource, to cause a denial of service for users. DDOS attacks cause a flood of incoming messages, connection requests and malformed packets to the target system which forces the attacked system to slow down, crash and shut down, thereby denying service to legitimate users of the attacked network resource. A type of DDOS attack is a TCP SYN Flood attack! DDoS attacks continue to grow in size, complexity, and malice as well as can be a smoke screen for deeper attacks and or fraud taking place in the background!

Executive Summary:

WE WANT YOU TO REMEMBER ONE NUMBER: 8.4 MILLION.

That is the number of DDoS attacks NETSCOUT Threat Intelligence saw last year alone: more than 23,000 attacks per day, 16 every minute. Any way you slice it, that’s a huge number of attacks.

What does that mean to you? As our latest Threat Intelligence Report shows, enterprises and service providers need to defend themselves against attacks—and protect their customers. Numbers from our global WISR survey reveal that customer-facing services and applications were targets of DDoS attacks at two-thirds of enterprises. Even worse, customers can act as conduits for attacks: adversaries deployed a novel technique that used attacks on client services to access core services at well-protected targets. If you have a mobile phone—or run a mobile network—beware: APT groups are bumping up mobile malware use, while DDoS attacks on mobile networks jumped 64 percent in the second half of 2019. The reality is, attackers are smart and efficient and never give up. Here are just a few of the report’s highlights:

Key Takeaways:

Lucky Seven for Attackers

Attackers weaponized seven new or increasingly common UDP reflection/amplification attack vectors in 2019. They also combined new variations of well-known attack vectors—all while remaining operationally efficient and launching pinpoint-focused DDoS attacks.

New Methods Pump Up Attacks, Bypass Traditional Defenses

Attackers not only combined attack vectors but also made them stronger than the sum of their parts by combining TCP reflection/amplification attacks with carpet-bombing techniques. Meanwhile, adversaries using advanced reconnaissance discovered how to use the client services of well-protected targets like Internet Service Providers or financial institutions to amplify attacks against specific enterprises and network operators.

WISR Survey Highlights IoT, Cloud Risk

Survey data from the 15th Worldwide Infrastructure Security Report (WISR) shows that infected and compromised endpoint IoT devices are a top concern for enterprises, along with detection/ identification of IoT devices on their networks, software patching and maintenance of IoT devices, and compliance risks posed by IoT. The survey also showed a dramatic increase in DDoS attacks on publicly exposed service infrastructure, reported by 52 percent of service providers in 2019 compared with only 38 percent in the previous year.

ISPs and Satellite Telecom Pay the Price

Carpet-bombing tactics were reflected in the increased attack activity seen in vertical sectors such as satellite telecommunications, which sustained a 295 percent increase in attack frequency. This is likely a reflection of carpet-bombing attacks on financial institutions in countries across Europe and Asia Minor, in which satellite telecom companies experienced significant collateral damages.

Conclusion:

As threats grow across the landscape, NETSCOUT's unique position protecting enterprise networks and the internet through our service provider customers gives us wide visibility into this dynamic and ever-changing environment. NETSCOUT’s Arbor Active Threat Level Analysis System (ATLAS®) has actively monitored the global internet threat landscape since 2007. Today, it provides us with visibility into approximately one-third of the global internet. By drawing on that comprehensive view with analysis driven by ASERT, we have created a representative view of the threat landscape as we observed in the second half of 2019 based on all our data and driven by extensive research and analysis.

To download the full report, click here You can also register for a webinar on the report results. Register here.