The threat report, which covers DDoS attack data between January 1 and March 31, 2014, shows that service providers have been heavily impacted by security threats, including SQL injection attacks, NTP DrDoS attacks, and most recently the TLS heartbeat vulnerability (“Heartbleed”). All of these threats have had profound effects on the ability of service providers to safely operate and protect their customers.
During the first quarter of 2014, novice attackers used DrDoS methods to bypass the DDoS defenses of well-prepared companies by targeting upstream carriers directly. In January 2014, Black Lotus recorded several incidents in which tier 1 carriers in multiple U.S. regions were saturated due to DrDoS attacks, resulting in packet loss as high as 35 percent to customers that were not even targeted by the attacks. By February, the same carriers were better prepared for attacks that exceeded 400 Gbps, and they were able to stabilize their networks with minimal interruption to downstream customers. Greater awareness of NTP DrDoS is critical, but service providers will have to add protections as attackers grow more sophisticated and attacks become more severe.
The report findings also show that:
- The largest DDoS attack observed during the report period occurred on February 10. It measured 421 Gbps and 122 million packets per second (Mpps).
- Of the 463,621 observed attacks, Black Lotus regarded 90,313 (19.5 percent) as severe, characterized by extreme traffic levels compared to the target’s typical traffic baseline.
- The average attack during the period reported was 2.7 Gbps and 1.8 Mpps.
- During the reporting period, 50.3 percent of severe attacks targeted individual applications, most commonly HTTP servers and domain name services (DNS). Attacks on either application can result in site outages and are difficult to mitigate without professional assistance.
“Historically, service providers have been able to operate without providing substantial security services to customers. That’s no longer viable, as threats proliferate and attackers find new ways to amplify the volume of their efforts,” said Jeffrey Lyon, founder of Black Lotus. “To protect themselves and their customers, service providers must now also become security providers by offering integrated hosting and security services such as DDoS mitigation, intrusion defense, and incident response and remediation.”