Distributed denial of service (DDoS) hackers have heavily shifted tactics toward bit-and-piece attacks that paralyze targets with junk traffic accumulating from different IPs, Nexusguard said in its Q2 2020 Threat Report.
Cyber crews are using used bit-and-piece attacks to launch various “amplification and elaborate” User Datagram Protocol (UDP)-based attacks to flood target networks with traffic. Bit-and-piece attacks result from drip-feeding doses of junk traffic into a large IP pool, clogging the target when bits and pieces start to accumulate from different IPs. According to the San Francisco-based DDoS solution provider, the strategy is the primary driver behind a torrent of bombardments that has produced a 570 percent increase in such schemes during the period as compared to last year. When measured against the prior quarter, bit-and-piece attacks rose by more than 310 percent.
Overall, DDos attacks increased by 515 percent year over year.
Bit-and-piece style attacks insist that communications service providers (CSPs) detect and identify smaller and more complex attack traffic patterns among large volumes of legitimate traffic, Nexusguard said. The new report’s data show that more than 51 percent of bit-and-piece attacks were smaller than 30Mbps, forcing CSPs to assign entire networks of traffic to risk mitigation.
“Increases in remote work and study mean that uninterrupted online service is more critical than ever,” said Juniman Kasman, Nexusguard chief technology officer. “Cyber attackers have rewritten their battlefield playbooks and craftily optimized their resources so that they can sustain longer, more persistent attacks.” Companies must look to deep learning to “match the sophistication and complexity needed to effectively stop these advanced threats,” he said.
In the first quarter of the year, DDoS attacks rose more than 278 percent compared to Q1 2019 and more than 542 percent compared to Q4 2018, according to Nexusguard’s Q1 2020 Threat Report. Researchers attribute the sharp rise in incidents to malicious efforts during the COVID-19 pandemic, causing DDoS attacks to interrupt service for large companies and individuals. Internet service providers face increasing challenges to curb undetectable and abnormal traffic before they turn into uncontrollable reflection attacks, Nexusguard said.