
Nexusguard research reveals 500% increase in average DDoS attack size caused by botnets, malware

Posted by Back End News on September 13, 2018

The average DDoS (distributed denial of service) attack quintupled in size to more than 26 Gbps and the maximum attack size quadrupled to 359 Gbps compared to the same period last year, according to the cloud-based DDoS security solution provider Nexusguard’s “Q2 2018 Threat Report.”

The quarterly report, which evaluates thousands of worldwide DDoS attacks, attributes the dramatic rise to IoT (Internet of Things) botnets and exploits by Satori malware, a variant of the notorious Mirai malware. Communications service providers (CSPs) and vulnerable organizations will need to enhance bandwidth protection if they hope to stay ahead of the surging attack sizes.

Due to the increase in IoT-related malware exploits and the rampant growth of large-scale DDoS attacks, research conclusions point to the continued use of IoT botnets. Cyber attacks hit the 2018 FIFA World Cup as well as cryptocurrency-related businesses, maximizing revenue loss. For example, attacks on the Verge Network (XVG) caused a loss of 35 million XVG tokens, valued at more than $1.7 million. Nexusguard analysts warn that CSPs and susceptible operations should enhance their preparedness to maintain their bandwidth, especially if their infrastructures don’t have full redundancy and failover plans in place.

“The biggest zero-day risks can stem from various types of home routers, which attackers can exploit to create expansive DDoS attacks against networks and mission-critical services, resulting in jumbo-sized attacks intended to cripple targets during peak revenue-generating hours,” said Juniman Kasman, chief technology officer for Nexusguard. “Telcos and other communications service providers will need to take extra precautions to guard bandwidth against these supersized attacks to ensure customer service and operations continue uninterrupted.”

Hackers favored attacks using the User Datagram Protocol (UDP), with more than 31 percent of all attacks leveraging this volumetric strategy. The connectionless protocol helps launch attacks from mass-generated botnets, which sap host resources and can ultimately make hosts inaccessible. With nearly one-third of the world's Internet users, the United States and China held their spots as the top two sources of attack traffic, contributing 20 percent and more than 16 percent of attacks, respectively.

Nexusguard’s quarterly DDoS threat research gathers real-time attack data from botnet scanning, honeypots, internet service providers (ISPs) and traffic moving between attackers and their targets to help companies identify vulnerabilities and stay informed about global cyber security trends.