Rampant growth of DDoS attacks in 2016

Neustar has published “DDoS & Cyber Security Insights,” an in-depth research report that provides statistical analysis of the distributed denial of services (DDoS) attack and mitigation data collected through Neustar SiteProtect. The report examines the growth of DDoS attacks during 2016, providing specific in-sight into multiple attack vectors, such as DNSSEC amplification and Internet-of-things (IoT) botnets.

  • 7 years ago Posted in
“The DDoS attack landscape has become increasingly complex in 2016 because there is no singular goal behind these attacks; some seek to disrupt services, while others serve as smokescreens to breach data,” said Rodney Joffe, SVP and Fellow, Neustar. “Organizations must remain vigilant against conventional attacks, even as new threatsare realized today and in 2017.”
“DDoS & Cyber Security Insights” analyzes attack and mitigation data collected through Neustar SiteProtect, a global DDoS mitigation network, from January 1, 2016 through November 30, 2016. Key findings include:
•             Increasing Frequency of DDoS Attacks – The frequency of DDoS attack mitigations by Neustar has in-creased 40 percent compared to the same period of time in 2015.
•             Eruption of Multi-vector Attacks – Multi-vector attacks, which combine attack vectors to confuse defend-ers and supplement attack volume, increased 322 percent and accounted for 52 percent of the attacks mit-igated by Neustar. UDP, TCP and ICMP comprise the three most popular attack vectors, which were lever-aged in more than 50 percent of attacks.
•             Vulnerability of DNS and DNSSEC – DNS-based attacks increased 648 percent with many attackers lev-eraging DNSSEC amplification to generate massive volumetric pressure. Previous Neustar research, “DNSSEC: How Savvy DDoS Attackers Are Using Our Defenses Against Us,” determined that the average DNSSEC amplification factor for a DNSSEC signed zone was nearly 29 times greater than the initial query.
•             IoT Botnets Emerge as DDoS Attack Tools  - The threat of IoT botnets was realized in 2016, which was popularized by Mirai. Mirai and similar types of malware compromise IoT device credentials to enroll them into botnets, which are activated by command and control servers. As these code assemblies are pub-lished, new developments continue to emerge, such as persistent device enrollment, which enables botnet operators to maintain control of a device even after it is rebooted.
“Mirai signals a watershed moment for DDoS attacks, where the bad guys finally turned the Internet back on its users,” said Joffe. “It is imperative to invest in effective DDoS protection now because the threat landscape has fundamentally changed.
Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
73% of organizations lack automated patch management, and 62% experienced incidents involving...
Quest Software has signed a definitive agreement with Clearlake Capital Group, L.P. (together with...
Dell EMC PowerProtect Cyber Recovery for AWS provides a fast, easy-to-deploy public cloud vault to...
Aqua’s cloud native application protection platform becomes the only solution that protects cloud...
54% of organisations working on a security transformation project now or in the next 12 months.
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Zscaler Zero Trust exchange cloud-based architecture enables superior green security capabilities...