First half of 2019 sees rise in large and complex DDoS attacks
DDoS awareness is on the rise and so is the protection against DDoS attacks. In response, cybercriminals are opting for new tactics. The upward trend in the size and duration of DDoS attacks continues. Simultaneously, new forms of DDoS have started appearing that are much more difficult to recognize. This and more can be read in the latest report on DDoS attacks by the National Internet Providers Management Organisation (NBIP) for the first six half of 2019.
DDoS attacks are larger, more frequent and smarter, according to the new NBIP DDoS data report for the first half of 2019. This continues the main trends of 2018, but with a number of notable new developments.
Some important conclusions:
An upward trend
In last year’s DDoS data report, the NBIP concluded that the number of attacks was increasing. This also appears to be the case in the first half of 2019. The total number of attacks in 2018 was 938; on July 1st, 2019 the total number tallied to 572, on average more than three attacks per day. In other words, the frequency of DDoS attacks in 2019 appears to be higher than in 2018.
The NBIP also reports an upward trend in the duration of attacks. Although the majority of DDoS attacks last less than fifteen minutes, there are also clear outliers. In particular, the number of attacks lasting more than four hours seems to be increasing. In the first half of 2019 alone, 23 such attacks were recorded, compared to 22 in the whole of 2018.
A new threat
Notable newcomer to the NBIP measurements is the so-called GRE flood, a new type of DDoS attack that focuses on the GRE tunneling protocol in network packets. “Cybercriminals are constantly on the lookout for new weaknesses. GRE floods are a good example. The use of GRE tunnels in network nodes is increasingly common – and also increasingly exploited by criminals,” says De Weerdt. “GRE floods are furthermore difficult to detect, as GRE traffic is encrypted. It once again highlights the importance of vigilance.”