Average bandwidth of attacks increasing and share of multivector attacks rose to 64%.

DDoS flooding attacks against big name brands have made media headlines for more than two decades. However, many bot attacks aren’t flooding attacks at all. These attacks pose a huge threat to organizations and website owners… but few are aware of the risks.

In 2019, we could clearly see that various countries, as well as organizations across different industries and of all sizes, were hit by DDoS attacks. Attackers managed to find a way to take down the IT systems of organizations that were not vigilant enough. This infographic provides a quick summary of some of the most notable DDoS attacks that occurred over the past 12 months.

Report reveals a rising number of multivector and cloud computing attacks over the last twelve months. There was also a number of new amplification vectors like WS–Discovery, Apple Remote Management Service and an increase in ‘carpet bombing’ attacks.

The experts from the Link11 Security Operation Center (LSOC) take a look back at the most important DDoS attacks in 2019 and summarize which new developments could be detected on the attacker side. In addition, the IT security specialists draw conclusions for the threat situation in the coming 12 months.

High bandwidth and complex DDoS attacks continued unchanged in the third quarter of 2019. Every second attack saw the attackers combining several attack vectors and driving up the attack volumes with reflection amplification techniques. Apart from volume attacks, the assailants concentrated on attacks with low bandwidths that made up for this by containing all the more packages. 

A new attack vector was identified in the first half of 2019. Attackers have been abusing the Web Services Discovery (WS-Discovery, WS-DD or WSD) protocol since the middle of the year.* Attackers constantly identify new vulnerabilities and open services that can be misused for overload attacks.

Since mid-October 2019, companies in the payment, entertainment and retail sectors have been receiving DDoS extortion and blackmail emails which claim to come from the Fancy Bear cyber espionage group. Link11 is warning organizations about the DDoS attacks launched by these perpetrators, which primarily target the Origin infrastructure of the companies.

Link11, a leader in cloud-based anti-DDoS protection, has published its DDoS statistics for Q2 2019.  The data shows that the quarter saw a massive 97% year-on-year increase in average attack bandwidth, up from 3.3Gbps in Q2 2018 to 6.6Gbps in Q2 2019.  

The next few days will mark the anniversary of the first known case of a cyberattack method that continues to keep companies of all sizes and industries on their toes. On July 22, 1999, a computer of the University of Minnesota in the USA was attacked by a network of 114 other computers – on which the program Trin00 was running, which was later used time and again to launch DDoS attacks.