ThreatList: Top Summer DDoS Trends

Distributed Denial of Service attacks maybe one of the oldest tools in a hacker’s toolbox, but that doesn’t mean they haven’t fallen out of fashion.

On Tuesday, Akamai released a report on the year’s biggest distributed denial of service (DDoS) attacks. The report illustrates how this time-tested attack method continues to morph and adopt new tricks, and discusses trends to watch as we move into the summer months.

According to the study, Summer 2018 State of the Internet/Security: Web Attack, this year has already seen the largest DDoS attack to date while volumes continue to rise, thanks to a bevy of new techniques, such as attackers using memcached servers and other reflector tools.

Here is a list of the biggest takeaways from Akamai regarding DDoS attacks for the summer of 2018:

  • Of those DDoS attacks between Nov. 16-Apr. 17 versus Nov. 17- Apr. 18, Akamai saw:
    • 16% increase in total DDoS attacks
    • 16% increase in infrastructure layer (Layer 3 and 4) attacks
    • 4% increase in reflection-based attacks
    • 38% increase in application-layer attacks
  • Hackers are also finding new attack vectors: The memcached reflection technique for instance was fresh, and used in largest DDoS attack to date, against GitHub in February
  • The GitHub attack broke a record at 1.35 Tbps – double the largest previously recorded attack
  • Researchers observed multi-vector reflection attacks using obscure vectors (Intelligent Platform Management Interface and Internet Key Exchange)
  • Mirai attacks are still ongoing, with new variants cropping up all the time
  • DDoS isn’t just about volume: Two recent examples highlight interesting techniques that targeted Domain Name System (DNS) servers and swamping them with queries.

(ThreatList is an occasional overview of InfoSec landscape as represented in at-a-glance lists of relevant data.)

Suggested articles