- Researchers find traditional threshold-based attack detection is no longer reliable with new bit-and-piece changes
- Nexusguard has won the CybersecAsia Awards, under the Best DDoS Defense category
Nexusguard reports a 570% increase in bit-and-piece DDoS attacks in Q2 this year, when compared to the same period last year. According to Nexusguard's new Q2 2020 Threat Report, perpetrators shifted tactics, using bit-and-piece attacks to launch various amplification and elaborate UDP-based attacks to flood target networks with traffic.
Nexusguard analysts witnessed attacks using much smaller sizes, with more than 51% of bit-and-piece attacks smaller than 30Mbps, to force communications service providers (CSPs) to subject entire networks of traffic to risk mitigation. This causes significant challenges for CSPs and typical threshold-based detection, which is unreliable for pinpointing the specific attacks to apply the correct mitigation.
Improvements in resources and technology will cause botnets to become more sophisticated, helping them increase resilience and evade detection efforts to gain command and control of target systems. The evolution of attacks means that CSPs need to detect and identify smaller, more complex attack traffic patterns amongst large volumes of legitimate traffic. Nexusguard analysts recommend that service providers adopt deep learning-based predictive models in order to quickly identify malicious patterns and surgically mitigate them before any lasting damage occurs.
“Increases in remote work and study mean that uninterrupted online service is more critical than ever. Cyber attackers have rewritten their battlefield playbooks and craftily optimized their resources so that they can sustain longer, more persistent attacks. Companies must look into deep learning in their approaches if they hope to match the sophistication and complexity needed to effectively stop these advanced threats”, said Juniman Kasman, Chief Technology Officer of Nexusguard.
In the past, attackers have used bit-and-piece attacks with a single attack vector to launch new attacks based on that vector. Nexusguard reported that attackers have the tendency to employ a blend of offensive measures in order to launch a wider range of attacks, aiming to increase the level of difficulty for CSPs to detect and differentiate between malicious and legitimate traffic.
In the first quarter of the year, DDoS attacks rose more than 278 percent compared to Q1 2019 and more than 542 percent compared to Q4 2018, according to Nexusguard's Q1 2020 Threat Report. Researchers attribute the sharp rise in incidents to malicious efforts during the COVID-19 pandemic, causing DDoS attacks to interrupt service for large companies and individuals. Internet service providers face increasing challenges to curb undetectable and abnormal traffic before it turns into uncontrollable reflection attacks.
Read the full Nexusguard Q2 2020 Threat Report for more details.