Distributed denial-of-service (DDoS) attacks recorded after the first quarter of 2015 show that attackers have powerful capabilities and can sustain prolonged assaults against victims, a new report said.
UDP and SYN floods continue to be the preferred methods for network layer attacks, and botnet-for-hire services are responsible for shorter and less advanced incidents, according to data gathered by Incapsula from March 1 through May 7, which the company refers to as Q2 2015.
The largest DDoS event the company helped mitigate peaked at over 253Gbps, while the longest one hit the victim’s infrastructure for over 64 days.
The usual high-powered assault lasted for about an hour and the average was above 200Gbps, the report said.
Of the 1,572 network layer attacks Incapsula pulled data from, 9.9 percent lasted more than 720 hours, while most of them (58.1 percent) lasted less than 30 minutes.
Short attacks are likely meant to probe the target’s defenses, or they are executed by inexperienced assailants via DDoS-for-hire services, the company said in its report.
Extended events that last at least one day show that the attackers have some skills and control their own botnets. Such groups may engage in blackmail operations, threatening to congest victims’ resources unless they pay a fee.
Along those lines, governments and CERT (Computer Emergency Response Team) divisions in multiple countries issued alerts about a group called DD4BC, which boasts the capability to launch UDP flood attacks of at least 400Gbps against selected targets unless 40 bitcoins (currently approximately $9,100) are paid.
Incapsula said that out of more than 56 percent of the UDP and SYN floods seen in the studied time interval, 8 percent were launched from “Internet of Things” devices, indicating that the cybercriminal effort to expand resources covers any gadget capable of connecting to the web.