Home / Industry

Under the Radar DDoS Attacks Increase by 158 Percent in Q2, 2019 Compared to the Same Time Last Year

Just released: Neustar Q2’19 Cyber Threats and Trends Report (download here)

Recent trends research from Neustar reveals the changing face of DDoS attacks, including size, character and duration.

Small-scale Distributed Denial of Service (DDoS) attacks are becoming more frequent and sophisticated, according to new research from Neustar's Security Operations Centre (SOC). Released today, the Q2, 2019 Cyber Threats and Trends report reveals that between April and June of this year, over 75 percent of all attacks mitigated by Neustar were 5 Gigabits per second (Gbps) or less, while large attacks — those of 100 Gbps and over — decreased by 64 percent.

At first glance, the evolution of DDoS attacks on enterprises seems to follow a pattern. The overall number of attacks during Q2 2019 compared with the previous year grew by 133 percent, which, though down from last quarter's 200% growth, is still high. Stepping outside analysis of the numbers of attacks to their composition, however, shows some interesting changes, according to Neustar.

Small and secretive

DDoS attacks have long been considered overwhelming threats and are traditionally associated with high rates of traffic. Such attacks do continue to take place, but smaller and more carefully targeted incursions are growing in quantity, intensity and duration. Such attacks do not seek to saturate the network link — and draw unwanted attention in the process — but to degrade or disable specific infrastructure within the target. Such lower volume incursions may enable the perpetrator to get in and get out unnoticed, or allow the attack to continue for quite a long time undetected. In fact, the longest duration for a single attack in Q2 was nearly two days.

Percentage change in number of attacks by category, Q2, 2019 vs. Q2, 2018 (Source: Neustar)

These small attacks pose a significant threat, as they fall below the typical threshold that enterprises with a "detect and alert" DDoS mitigation strategy might employ. An attacker could, therefore, affect targets ranging from infrastructure to individual servers with relative impunity.

The situation becomes more alarming when considering an enterprise's ability to recognize such threats when they were underway. When asked how likely they would be to notice today's most prevalent smaller attacks, a staggering 72 percent of CTOs, CISOs and Directors of Security from the Neustar International Security Council (NISC) answered very unlikely, somewhat unlikely or somewhat likely. The remaining 28 percent of respondents felt it was very likely that they would notice a small-scale DDoS attack.

"With the rise of smaller DDoS attacks going under the radar, now is the time for organizations to deploy an 'always on' DDoS mitigation service that is constantly monitoring traffic to ensure threats of all sizes are detected, managed and diffused," said Rodney Joffe, Senior Vice President, Senior Technologist and Fellow at Neustar.

"Now, with most of today's attacks directed at specific services, gateways and applications — therefore requiring less traffic to bring it down — a greater level of understanding from businesses to determine the protection they need is essential. The first stage of this is to determine what is valuable, not what is vulnerable. One of the best ways to separate vulnerability from value is to create a 'risk register' that starts from the inside and focuses on your most critical business assets," Joffe added.

A complimentary copy of The Neustar Q2'19 Cyber Threats and Trends Report is available here.

Neustar

About Neustar – Neustar, Inc. is a leading global information services provider driving the connected world forward with responsible identity resolution. As a company built on a foundation of Privacy by Design, Neustar is depended upon by the world's largest corporations to help grow, guard and guide their businesses with the most complete understanding of how to connect people, places and things. Visit Page

Follow CircleID on
Related topics: Cybersecurity, DDoS Attack
SHARE THIS POST

If you are pressed for time ...

... this is for you. More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Vinton Cerf, Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Related

Topics

Whois

Sponsored byWhoisXML API

Cybersecurity

Sponsored byVerisign

Cybercrime

Sponsored byThreat Intelligence Platform

Domain Names

Sponsored byVerisign

New TLDs

Sponsored byAfilias

DNS Security

Sponsored byAfilias

IP Addressing

Sponsored byAvenue4 LLC