DDoS Threat Report 2020 Q2

A shift in attack tactics by perpetrators in Q2 2020, saw a 570% increase in bit-and-piece attacks compared to the same period last year. Attackers adopted a more elaborate practise of bit-and-piece attacks to launch various amplification and UDP-based attacks to flood target networks with traffic, making detection and mitigation via traditional threshold-based methods all the more difficult for CSPs.

• Bit-and-piece attacks are taken to a whole new level through blending multiple attacks: Smaller and more complex UDP-based and other amplification attacks were often used to maximize the impact of collateral damage on target networks. Bit-and-piece attacks result from injecting doses of junk traffic of negligible size into a large pool of IP addresses across hundreds of IP prefixes, which eventually paralyze the target when the junk traffic starts to accumulate from different IPs.
• Harnessing power through blending multiple attack vectors: In the past, attackers have used bit-and-piece attacks with a single attack vector to launch new attacks based on that vector. However, in this quarter, Nexusguard reported a tendency to employ a blend of attack vectors to launch a wider range of UDP-based attacks, intended to increase the level of difficulty for CSPs to detect and differentiate between malicious and legitimate traffic.