The latest Link11 DDoS report is based on data from repelled attacks on web pages and servers protected by Link11’s Security Operations Center (LSOC). Key findings from the annual report include:
The data showed that the frequency of DDoS attacks depends on the day of the week and time of the day, with most attacks concentrated around weekends and evenings. More attacks were registered on Saturdays, and between 4pm and midnight on weekdays.
There was also a number of new amplification vectors registered by the LSOC last year including WS–Discovery, Apple Remote Management Service and TCP amplification, with registered attacks for the latter doubling compared to the first six months of the year. The LSOC also saw an increase in ‘carpet bombing’ attacks in the latter part of 2019, which involves a flood of individual attacks that simultaneously target an entire subnet or CIDR block with thousands of hosts. This popular method spreads manipulated data traffic across multiple attacks and IPs. Th data volume of each is so small that it stays under the radar and yet the combined bandwidth has the capacity of a large DDoS attack.
Marc Wilczek, COO of Link11 said: “There was a noticeable surge in attack bandwidths and volumes, and in multivector attacks in 2019, due in part to the increased malicious use of cloud resources and the popularity of IoT devices. The growing trend for attackers to use methods that strike at the network and application level means organizations need to invest in protective solutions that are designed to detect multi-layer anomalies and networked security mechanisms.”
More information is provided in the full Link11 DDoS report for 2019.