Cybercriminals have been launching heavy DDoS attacks since the beginning of 2021 to harm victims and force them to pay ransoms. According to Tom Emmons, Akamai’s product architect, since the beginning of the year the company has seen more attacks with a peak greater than 50 Gbps than during the whole of 2019. The two largest were launched against a European organization in the gaming sector and against an Asian video game company: the first at 824 Gbps and the second at 812 Gbps, both on February 24th. On March 5, Akamai recorded a 594 Gbps attack against another organization.
The three attacks noted above did not reach the magnitude of the largest DDoS attacks the company has mitigated so far (1.35 Tbps peak in 2018 and 1.44 Tbps in 2020), but they are among the six largest that Akamai has ever encountered.
According to Emmons, Akamai’s experts observed that attackers are expanding into different regions and sectors, as the number of targets in 2021 is already 57% higher than last year. The expert says that threat actors are looking for new ways to bypass defenses and paralyze their targets’ resources, including through the use of new attack vectors, such as the recently observed Datagram Congestion Control Protocol (DCCP), or protocol 33.
“The attacks using this vector are similar to the SYN floods in DCCP, but they are volumetric in nature and are intended to bypass defenses that focus on TCP and UDP traffic. Overall, 2021 DDoS campaigns are more targeted and persistent,” says Emmons. “Several of these attacks were targeted at the IP addresses of two specific customers and lasted for several days, trying to exploit any weaknesses in their defenses.”
“In an attack, the threat actors targeted nearly a dozen IPs and switched between multiple DDoS attack vectors, trying to increase the likelihood of disrupting back-end environments. In fact, 65% of DDoS attacks launched against customers were multi-vector,” he added. This year, a general increase in the number of DDoS attacks is expected to be accompanied by a spike in large DDoS attacks (more than 50 Gbps), with more victims in more sectors.
With international news agencies
Source: CisoAdvisor