CybersecAsia 2020 award winner Nexusguard reports a 570% increase in bit-and-piece DDoS attacks in Q2 this year compared to the same period last year. Perpetrators shifted tactics, using bit-and-piece attacks to launch various amplification and elaborate UDP-based attacks that flood target networks with traffic, according to Nexusguard’s new Q2 2020 Threat Report.
Nexusguard analysts witnessed attacks using much smaller sizes (more than 51% of bit-and-piece attacks were smaller than 30Mbps) to force communications service providers (CSPs) to subject entire networks of traffic to risk mitigation. This poses significant challenges for CSPs, because typical threshold-based detection is unreliable for pinpointing the specific attacks so that the correct mitigation can be applied.
Improvements in resources and technology will cause botnets to become more sophisticated, helping them increase resilience and evade detection efforts to gain command and control of target systems. The evolution of attacks means that CSPs need to detect and identify smaller, more complex attack traffic patterns amongst large volumes of legitimate traffic. Nexusguard analysts recommend that service providers adopt deep learning-based predictive models to quickly identify malicious patterns and surgically mitigate them before any lasting damage occurs.
“Increases in remote work and study mean that uninterrupted online service is more critical than ever. Cyber attackers have rewritten their battlefield playbooks and craftily optimised their resources so that they can sustain longer, more persistent attacks. Companies must look into deep learning in their approaches if they hope to match the sophistication and complexity needed to effectively stop these advanced threats”, said Juniman Kasman, Chief Technology Officer of Nexusguard.
In the past, attackers have used bit-and-piece attacks with a single attack vector to launch new attacks based on that vector. Nexusguard reported that attackers tend to employ a blend of offensive measures to launch a wider range of attacks, aiming to make it harder for CSPs to detect malicious traffic and differentiate it from legitimate traffic.
According to Nexusguard’s Q1 2020 Threat Report, in the first quarter of the year, DDoS attacks rose more than 278 per cent compared to Q1 2019 and more than 542 per cent compared to Q4 2018. Researchers attribute the sharp rise in incidents to malicious efforts during the COVID-19 pandemic, causing DDoS attacks to interrupt service for large companies and individuals. Internet service providers face increasing challenges in curbing undetectable and abnormal traffic before it turns into uncontrollable reflection attacks.
Nexusguard won the Best DDoS Defense category of the CybersecAsia Awards, which recognised its advances and innovations. Nexusguard’s DDoS threat research reports on attack data from botnet scanning, honeypots, CSPs and traffic moving between attackers and their targets to help companies identify vulnerabilities and stay informed about global cyber security trends.