DDoS attacks continue to be an effective means to distract and confuse security teams while inflicting serious damage to brands, according to a report released last week by Neustar, Inc.
The first quarter 2019 Cyber Threats and Trends report highlights new areas of growth in Distributed Denial of Service (DDoS) attacks over the past year. One issue the report highlights is that while volumetric attacks over 50Gbps remain a relatively small segment of the overall threat picture at only 12% of attacks, their frequency has grown enormously when compared to the same period in 2018. The latest attacks morph over the course of the attack using a variety of ports and protocols to locate and exploit vulnerabilities. In Q1, 2019, over 77% of attacks used two or more vectors.
In particular, the trend of targeting subnets and classless inter-domain routing (CIDR) blocks to slow or stop network traffic across the internet is a disruptive DDoS threat, identified in the report. By using DDoS methods aimed completely at subnets, rather than specific IP addresses, an attack is often more difficult to detect and mitigate. These attacks often feature multiple vectors, and will switch between them as they migrate from subnet to subnet.
Neustar handled a mitigation for just such an attack in an around-the-clock collaboration between SOC engineers and a new customer who was quickly onboarded by Neustar after being dropped [during the attack] by their Tier 1 Internet Service Provider (ISP).
“Today’s artificial intelligence and machine learning technologies enable us to identify anomalous traffic and patterns, correlate data across systems, and perform behavioral analytics on users and entities,” said Rodney Joffe, Neustar Senior Vice President, Technologist and Fellow. “But none of these systems function without professionals who know how to deploy them, interpret their data, identify the existence and location of problems, and mitigate them.”
Such immediate personal involvement with expert engineers is a significant benefit in working with an estab-lished firm such as Neustar, particularly when under attack. “Neustar’s 10+Tbps of scrubbing capacity and variety of offerings are world class, and we have more power than ever to defend against the range of DDoS attacks,” said Michael Kaczmarek, Neustar Vice President of Security Products. “But it’s important to remember our most powerful defense: people.”
Neustar provides its customers with the resources and assurance that are needed to ensure data and infra-structure is continually protected against any type or size of DDoS attack. Neustar’s DDoS Mitigation Solutions offer the largest dedicated global network with over 10Tbps + of scrubbing capacity in North America, Europe, Asia, South America, Africa, Australia and India.
A free copy of The Neustar Q1’19 Cyber Threats and Trends Report is available here.