Link11 DDoS report Q1 2018: The Threat Takes on a New Dimension
Reflection amplification attacks and the resulting DDoS tsunamis aggravated the already high DDoS threat situation in the first quarter of 2018. The attacks also grew in frequency as well as complexity.
In the first quarter of 2018, the Link11 Security Operation Center (LSOC) recorded a 10% increase in attacks compared with the preceding quarter. From January to March, 14,736 attacks were launched on Link11 customers. This meant an average of 160 attacks per day, which affected the hosting/IT, gaming, retail, e-commerce, logistics, media, and finance industries. In 12 attacks, the attack volume exceeded 100 Gbps.
Marc Wilczek, Managing Director of Link11: "The high-volume vectors mark a new era in IT security. When it comes to DDoS protection we need to start thinking in new dimensions, where there are no limits to attack volumes and no limits on the protection of vast corporate multicloud structures."
Memcached reflection and SSDP reflection attack volumes on the rise
The LSOC identified two key vectors that were responsible for the large bandwidths. First, the attackers are using SSDP to inflate the bandwidths. In the first quarter, the share of SSDP attacks amounted to 27%, more than ever before. The second key attack method was memcached reflection, which had been unknown prior to the first quarter. The LSOC was one of the first IT security firms to register the initial memcached reflection attacks on the morning of February 25. Another 157 attacks of this type followed in the course of the first quarter.
Onur Cengiz, Head of the LSOC: "This new attack technique with memcached reflection seemed to come out of nowhere, though the weakness it exploited had been identified a long while back. There are many more such potential entry gates for DDoS attackers, and their threat potential may be as high as for memcached reflection.
More information is provided in the full Link11 DDoS report for Q1 2018. Current data on DDoS attacks, attempts, and numbers can be found in the Link11 DDoS blog.
Current articles
Stay updated on current DDoS reports, warnings, and news about IT security, cybercrime and DDoS protection.
Follow Link11 on Twitter
A simple visualization of how the Underground Cybercrime Economy cashes in on data and DDoS attacks. To learn more,…
9 Retweets 8
Read MoreHow to protect your business and website from DDoS attacks during the biggest sales period of the year:…
5 Retweets 6
Read MoreWhat are DDoS Attacks and how do cybercriminals use them as weapons to shut down IT infrastructures? And more impor…
7 Retweets 5
Read MoreThis is why (and how) you should block bots on your business website (includes a list of most common bot attacks):…
13 Retweets 9
Read MoreWhat is Web Application Firewall, why do you need it and how does it protect your company? Learn more by reading ou…
3 Retweets 5
Read More@RandyLoss Hah, you weren't the only one saying that.
0 Retweets 0
@vxtrade Your company might ;)
0 Retweets 1
@deckhand25 He is not, but close enough! ;)
0 Retweets 1
What would you do if you received a 180 000€ DDoS extortion email warning to exceed your web infrastructure defense…
1 Retweets 4
Read MoreGet a detailed and up to date overview of the global DDoS threat landscape by taking a look at our DDoS Report from…
6 Retweets 5
Read MoreRT @cloudtweeters: #CyberResilience has been redefined! We've partnered with @Link11GmbH so our VARs can provide customers with intelligen…
3 Retweets 0
@SecurityParalok Link11 DDoS Protection can help!
0 Retweets 0