Security Market Segment LS
Tuesday, 06 March 2018 10:08

DDoS record broken again, 1.7Tbps attack reported

By

A distributed denial-of-service attack measuring 1.7Tbps has been reported by network security and monitoring company Arbor Networks.

Arbor's Carlos Morales said the company could confirm a 1.7Tbps reflection/amplification attack aimed at a customer of an US-based service provider had been recorded by its ATLAS global traffic and DDoS threat data system.

He said the attack was carrying out using memcached, the same application used to launch an attack measured at 1.35Tbps that was reported to have hit software hosting repository GitHub on 28 February.

Morales said that prior to this, the biggest DDoS attack that Arbor had experienced was 650Gbps aimed at a target in Brazil.

In a blog post soon after the GitHub attack was reported, he traced the evolution of DDoS attacks from 2013 onwards as they grew in intensity.

peak

In 2013-14, he said, malware that weaponised the network time protocol had made an appearance and replaced DNS as the most prominent reflection/amplification vector.

Figures he had collated showed that the average NTP traffic globally in November 2013 was 1.29Gbps; by February 2014. that had grown to 351.64Gbps.

The following year, with the rise of botnets along with the proliferation of IoT devices, attackers had unprecedented power in their hands, Morales noted.

In 2016, he pointed out, the presence of more than 28 million open DNS resolvers meant that they were there for use in reflection/amplification techniques.

"Throughout this year (2016), the number of DNS reflection/amplification attacks being tracked per week nearly doubled, from approximately 10,500 to 18,500. Other protocols were being used as well to a lesser extent; DNS, NTP and Chargen represented the top three reflection/ amplification attack vectors," Morales said.

The trend continued in 2017, with attackers using reflection/amplification techniques to exploit vulnerabilities in DNS, NTP, SSDP, CLDAP, Chargen and other protocols to maximise the scale of their attacks.

He said in 2018, "memcached servers are now being used as reflectors/amplifiers to launch extremely high-volume UDP reflection/amplification attacks".

"They are proving especially effective because memcached servers have high-bandwidth access links and reside on networks with high-speed transit uplinks. This makes memcached servers ideal for use in high-bandwidth reflection/amplification DDoS attacks."

Graphic: courtesy Arbor Networks

BUSINESS WORKS BETTER WITH WINDOWS 1O. MAKE THE SHIFT

You cannot afford to miss this Dell Webinar.

With Windows 7 support ending 14th January 2020, its time to start looking at your options.

This can have significant impacts on your organisation but also presents organisations with an opportunity to fundamentally rethink the way users work.

The Details

When: Thursday, September 26, 2019
Presenter: Dell Technologies
Location: Your Computer

Timezones

QLD, VIC, NSW, ACT & TAS: 11:00 am
SA, NT: 10:30 am
WA: 9:00 am NZ: 1:00 pm

Register and find out all the details you need to know below.

REGISTER!

ADVERTISE ON ITWIRE NEWS SITE & NEWSLETTER

iTWire can help you promote your company, services, and products.

Get more LEADS & MORE SALES

Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]

OR CLICK HERE!

Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

VENDOR NEWS & EVENTS

REVIEWS

Recent Comments