Research by Neustar has revealed DDoS attacks are getting more sophisticated as attackers use new methods to bypass defenders and increase the volume of attackers to have a longer-lasting effect on businesses.
"The DDoS attack landscape has become increasingly complex in 2016 because there is no singular goal behind these attacks; some seek to disrupt services, while others serve as smokescreens to breach data," said Rodney Joffe, SVP and Fellow, Neustar. "Organisations must remain vigilant against conventional attacks, even as new threats are realised today and in 2017."
The frequency of attacks has increased 40% year-on-year, while multi-vector attacks have increased more than three-fold in the same period. These attacks have a particularly negative effect because they use a combination of attack mechanisms to confuse defenders and increase attack volume, resulting in a longer-lasting attack. This type of attack accounted for more than half of all DDoS activity investigated by the real-time information and analytics firm.
Another big trend uncovered by Neustar was hackers taking advantage of the weaknesses in DNS and DNSSEC. DNS attacks increased by 648% compared to the same period (January 1st-November 30th) last year. It explained that many attackers using this method leveraged DNSSEC amplification to significantly increase the volume of traffic used in an attack.
Although using the IoT to launch DDoS attacks isn't a new method, the idea of using such technologies to bring down an organisation was realised by Mirai in 2016. It uses IoT device credentials to enrol them into botnets and use them to launch attacks, without the user knowing they are being used to perform attacks.
"Mirai signals a watershed moment for DDoS attacks, where the bad guys finally turned the Internet back on its users," said Joffe. "It is imperative to invest in effective DDoS protection now because the threat landscape has fundamentally changed."
