Link11 DDoS Report Q3 2019: Danger from Volume and Application Attacks
High bandwidth and complex DDoS attacks continued unchanged in the third quarter of 2019. Every second attack saw the attackers combining several attack vectors and driving up the attack volumes with reflection amplification techniques. Apart from volume attacks, the assailants concentrated on attacks with low bandwidths that made up for this by containing all the more packages.
Frankfurt, October 30, 2019 – The Link11 Security Operation Center (LSOC) has published new figures on the threat situation from DDoS attacks. Volume attacks remained the most important attack form in the third quarter of 2019. Such high bandwidth attacks are intended to block the attacked company's external connection. In this quarter, the bandwidth peak was 102 Gbps.
Massive attack bandwidths due to reflection amplification techniques
In many cases, the attackers relied on reinforcement techniques to drive up the attack volumes. DNS reflection was by far the most frequently used reflection amplification vector (42%). This was followed by SNMP with 21% and CLDAP with 14%. New attack techniques, such as WS Discovery and Apple Remote, which were registered for the first time in the second quarter of 2019, were detected several times in attacks.
Moreover, every second attack (52%) was based on several attack techniques. Most frequently, the attackers combined three vectors. The maximum number of vectors up to now, registered by LSOC in the third quarter, was 11.
Application level attacks block server resources
Furthermore, the latest figures from network monitoring indicate that attackers are deploying application and protocol attacks more and more frequently. Attacks at application level are aimed directly at application functions and APIs, but not at the Internet connection. Their aim is to cripple the processes and resources for layer 7. Low bandwidths and high package rates are characteristic for application attacks.
"Analyses show that there is no cause for an all-clear," according to Rolf Gierhard, Vice President Marketing at Link11. "Attackers are increasingly combining multiple attack techniques or expanding their attack set with new protocols. Attacks are becoming more intelligent and disguising themselves as legitimate network traffic. This makes it difficult for many companies to detect them quickly and effectively avert them."
The data is based on defended attacks on websites and servers that are protected by Link11. In addition to network analyses and the evaluation of DDoS attack data, the Link11 DDoS report also makes use of open source intelligence (OSINT) analyses. Alongside the figures, further information on DDoS attacks and blackmail can be obtained from the Link11 blog.
Current articles
Stay updated on current DDoS reports, warnings, and news about IT security, cybercrime and DDoS protection.
Follow Link11 on Twitter
A simple visualization of how the Underground Cybercrime Economy cashes in on data and DDoS attacks. To learn more,…
9 Retweets 8
Read MoreHow to protect your business and website from DDoS attacks during the biggest sales period of the year:…
5 Retweets 6
Read MoreWhat are DDoS Attacks and how do cybercriminals use them as weapons to shut down IT infrastructures? And more impor…
7 Retweets 5
Read MoreThis is why (and how) you should block bots on your business website (includes a list of most common bot attacks):…
13 Retweets 9
Read MoreWhat is Web Application Firewall, why do you need it and how does it protect your company? Learn more by reading ou…
3 Retweets 5
Read More@RandyLoss Hah, you weren't the only one saying that.
0 Retweets 0
@vxtrade Your company might ;)
0 Retweets 1
@deckhand25 He is not, but close enough! ;)
0 Retweets 1
What would you do if you received a 180 000€ DDoS extortion email warning to exceed your web infrastructure defense…
1 Retweets 4
Read MoreGet a detailed and up to date overview of the global DDoS threat landscape by taking a look at our DDoS Report from…
6 Retweets 5
Read MoreRT @cloudtweeters: #CyberResilience has been redefined! We've partnered with @Link11GmbH so our VARs can provide customers with intelligen…
3 Retweets 0
@SecurityParalok Link11 DDoS Protection can help!
0 Retweets 0