Home / Industry

Neustar Research Shows Large Attacks Growing as Multi-Vector Exploits Increasingly Become the Norm

Neustar Q1, 2019 Cyber Threats and Trends Report highlights new areas of growth in Distributed Denial of Service (DDoS) attacks over the past year. (Download Here)Neustar Security Operations Center (SOC) saw growth at both sides of the attack size spectrum with 77% of attacks using two or more vectors in Q1, 2019

Neustar, Inc., a trusted, neutral provider of real-time information services, has released its Q1, 2019 Cyber Threats and Trends report which highlights new areas of growth in Distributed Denial of Service (DDoS) attacks over the past year.

The report affirms that DDoS attacks continue to be an effective means to distract and confuse security teams while inflicting serious damage to brands.

The report reveals that while volumetric attacks over 50Gbps remain a relatively small segment of the overall threat picture at only 12% of attacks, their frequency has grown enormously when compared to the same period in 2018. The latest attacks morph over the course of the attack using a variety of ports and protocols to locate and exploit vulnerabilities. In Q1, 2019, over 77% of attacks used two or more vectors.

In particular, the trend of targeting subnets and classless inter-domain routing (CIDR) blocks to slow or stop network traffic across the internet is a disruptive DDoS threat, identified in the report. By using DDoS methods aimed completely at subnets, rather than specific IP addresses, an attack is often more difficult to detect and mitigate. These attacks often feature multiple vectors, and will switch between them as they migrate from subnet to subnet.

Neustar handled a mitigation for just such an attack in an around-the-clock collaboration between SOC engineers and a new customer who was quickly onboarded by Neustar after being dropped [during the attack] by their Tier 1 Internet Service Provider (ISP).

"Today's artificial intelligence and machine learning technologies enable us to identify anomalous traffic and patterns, correlate data across systems, and perform behavioral analytics on users and entities," said Rodney Joffe, Neustar Senior Vice President, Technologist and Fellow. "But none of these systems function without professionals who know how to deploy them, interpret their data, identify the existence and location of problems, and mitigate them."

Such immediate personal involvement with expert engineers is a significant benefit in working with an established firm such as Neustar, particularly when under attack. "Neustar's 10+Tbps of scrubbing capacity and variety of offerings are world class, and we have more power than ever to defend against the range of DDoS attacks," said Michael Kaczmarek, Neustar Vice President of Security Products. "But it's important to remember our most powerful defense: people."

Neustar provides its customers with the resources and assurance that are needed to ensure data and infrastructure is continually protected against any type or size of DDoS attack. Neustar's DDoS Mitigation Solutions offer the largest dedicated global network with over 10Tbps + of scrubbing capacity in North America, Europe, Asia, South America, Africa, Australia and India.

A complimentary copy of The Neustar Q1'19 Cyber Threats and Trends Report is available here.

By GoDaddy Registry, World-Leading Provider of Domain Name Registry Services – GoDaddy Registry (formerly Neustar Registry) is one of the world's largest and leading domain name registry providers. We operate top-level domains (TLDs) on behalf of sovereign nations, city governments, global brands and domain registries so that people worldwide can bring their ideas to life online.  Visit Page

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

VINTON CERF
Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Related

Topics

Brand Protection

Sponsored byAppdetex

Domain Names

Sponsored byVerisign

Threat Intelligence

Sponsored byWhoisXML API

Domain Management

Sponsored byMarkMonitor

IPv4 Markets

Sponsored byIPXO

Cybersecurity

Sponsored byVerisign