Nexusguard report: Hackers don’t take holidays as 2017 DDoS attacks rise 380 percent

Posted By



June 6, 2017

Distributed denial-of-service attacks rose by a stunning 380 percent in the first quarter of this year, according to a report released by Nexusguard Inc.

Furthermore, attackers showed a stronger tendency towards using global holidays to do their deeds, with a greater number of attacks occurring during Valentine’s Day and the Chinese New Year.

Large-scale attacks have become a commonplace problem for companies, a trend that continues since the last quarter of 2016 with more attacks exceeding 200 gigabits per second. Giant attacks — those exceeding 200Gbps — still represent only 2.7 percent of all attacks, according to the report, but 22 percent were over 10Gbps.

For comparison, one of the biggest DDoS attacks in Internet history was detected last year when domain name service provider Dynamic Network Services Inc., better known as Dyn, was hit with an attack believed to be 1.2 terabytes per second. That made it six times bigger than the large-scale 200Gbps attacks. This is a similar strength to what the infamous Lizard Squad claimed it threw at Xbox Live and PlayStation Network during the Christmas Day 2014 DDoS attack.

Just as Lizard Squad chose Christmas Day for its attack, Nexusguard noted that hackers during 2017 have focused powerful and lengthy attacks during the holidays. On Valentine’s Day this year, over Feb. 14-15, the company detected a massive 275.77Gbps attack that lasted 21 hours and 31 minutes. This was unusual in that Valentine’s Day had not been previously targeted.

Attackers even decided to ring in the Chinese New Year with a lengthy attack that lasted two days, 19 hours and 40 minutes Jan. 28-31. Nexusguard’s report said the attack was widespread and extremely disruptive across the Asia-Pacific region.

The percentage of days with large attacks, those over 10Gbps, have also grown between January, at 48 percent, and March, with 64 percent.

Nexusguard points the finger at unsecured Internet of Things networks that have been proliferating over the past few years. This trend, which the company pointed out during 2016, includes a multitude of devices shipped for consumer and industrial purposes that connect to the internet with minimal security.

The super-sized attack against Dyn in 2016 led Chinese electronics company Hangzhou Xiongmai Technology Co. Ltd. to recall a crop of its Internet-connected surveillance camera parts. During that event, Xiongmai’s products were not alone in becoming compromised components of DDoS networks such as the Mirai botnet and newly discovered Persirai botnet.

Over the past few years, hackers have begun to target more of these devices to produce massive botnets – networks of thousands or millions of infected devices running “bots” or programs capable of spewing internet traffic noise at a particular target on command. These devices can be anything from home routers, appliances, smart TVs, electronic meters – even smart homes and connected cars infected with botnet software can become soldiers in a DDoS army.

“Furthermore, over the past few years, the increasing adoption of Internet of Things has resulted in a massive number of poorly guarded, unsecured devices,” the Nexusguard report concludes. “The exploitation of the resulting vulnerabilities has fueled the rapid growth of botnets, which in turn are supplying attackers with myriad hijacked [Internet Protocol] addresses, enabling them to launch more long-lasting, sophisticated attacks.”

Judging by the ever-increasing severity and length of attacks during this quarter of 2017, Nexusguard said it will only get more turbulent for companies that rely on the Internet. Attacks no longer follow seasonal patterns and have become more constant than ever.

Companies may need to rely more heavily on content delivery networks and anti-DDoS protections than in previous years.