Dive Brief:
- The frequency of distributed denial of service (DDoS) attacks increased by 133% during Q2 2019 compared to the same time in 2018, according to research from attacks tracked by risk analytics company Neustar.
- Three-quarter of DDoS attacks were 5 gigabits per second (Gbps) or less. Heavier-duty attacks, more than 100 Gbps, were down by 64%. The average attack size was down about 38% from Q2 2018 to 2019.
- Neustar observed attacks that started small in size, about 6 megabits per second, then incrementally changed in frequency. Neustar identified the activity as synchronization floods (SYN), which takes advantage of the "three-way handshake" beginning at the transmission control protocol. Perimeter defenses are "flooded" with SYN packets and disrupt services.
Dive Insight:
DDoS attacks are relatively easy to execute cyberattacks, which require lower cost and skill. Though DDoS attacks lack sophistication, bad actors executing them are improving their strategy by targeting specific services, gateways applications or APIs, according to the report.
But knocking a company offline is not always the goal. A sudden service blackout is too noticeable, so hackers are pursuing slow-bleed attacks subtle enough to bypass DDoS detection tools.
Using micro-activity as a precursor to larger DDoS attacks is common, according to Neustar. The strategy adds a little complexity to the otherwise "dumbed down" cyberattack.
The internet's connectivity is a playground for DDoS attacks. Individual systems communicate with one another because they "trust" one another, making it feeding ground for inundating servers.
Though companies can prepare for DDoS attacks, slow and steady malicious activity can eventually leave a company unprepared. Last March, GitHub disclosed a 1.35 terabytes per second DDoS attack, taking the open source software company offline for about 10 minutes.