DDoS becomes bigger priority as multi-vector attacks on the rise

No industry is spared, from technology and finance to retail and hospitality.
21 April 2022

The most recent extreme DDoS attack targeted an unidentified AWS customer and lasted for three days and peaked at an astounding 2.3 terabytes per second. (Photo by Noah Berger / GETTY IMAGES NORTH AMERICA / Getty Images via AFP)

  • Distributed Denial of Service (DDoS) attacks are on the rise, and 55% were targets of multi-vector attacks
  • Most multi-vector attacks targeted education, finance, government, and healthcare (73%)
  • A recent DDoS attack on IT software FlexBooker’s AWS servers resulted in a data breach of 3.7 million records 

Distributed Denial of Service (DDoS) attacks are rising, evolving, and growing in sophistication. These attacks can take many different forms, called vectors, thus making it difficult for businesses to determine which ones to defend against.

Multi-vector attacks are often more successful because they combine several methods into one attack. This makes them harder to detect and mitigate. As a result, businesses need to be particularly vigilant in protecting themselves against these threats.

A recent DDoS attack on IT software FlexBooker’s AWS servers resulted in a data breach of 3.7 million records that later appeared on a dark web hacker forum.

Distributed Denial of Service (DDoS) attacks are rising

In its latest threat report, Comcast Business found that 69% of its customers experienced DDoS attacks, a 41% increase over 2020. In addition, 55% were targets of multi-vector attacks, whereas in 2020 most customers experienced single-vector attacks.

What does this mean for businesses? Businesses need to understand the different types of attacks to allocate resources accordingly. They need to make DDoS mitigation a bigger priority in their security strategies.

Distributed denial of service attacks cause severe damage to businesses

According to a report from Comcast Business, DDoS attacks are now more than just a minor inconvenience – they can cause severe damage to businesses of all sizes.

The report indicated that 2021 was another record year for DDoS attacks. This was reflected in Comcast Business’ DDoS Mitigation Services, which identified and helped defend against 24,845 multi-vector attacks targeting Layers 3, 4, and 7 simultaneously.

Indiscriminate DDoS attacks

DDoS attacks have always been a thorn in the side of businesses. However, the report has shown that the attackers have become indiscriminate in their targets.

No industry is spared, from technology and finance to retail and hospitality. And the attacks are also becoming more persistent, with some lasting more than six months.

However, most multi-vector attacks targeted education, finance, government, and healthcare (73%). These attacks are likely due to vulnerabilities brought on by the COVID-19 pandemic.

Other key findings from the DDoS threat report

There was a steady rise of attacks on information technology customers, with 69% of multi-vector attacks lasting under 10 minutes. Short-duration attacks are challenging to detect and give IT organizations less time to respond, quickly overwhelming defenses.

Multi-vector attacks are assaults that use two or more attack vectors, such as a combination of malware, phishing, and social engineering.

The report found that 98% of all multi-vector attacks were under 5 Gbps, while 99% of customers experienced repeat attacks. In contrast, the most severe and significant attack was delivered at 242 Gbps.

Meanwhile, the number of vectors deployed in a single multi-vector attack increased from five to 15. Similarly, the number of amplification protocols used in multi-vector attacks increased from three to nine.

Low attack volumes to avoid detection

Bad actors often strike at low volumes to avoid detection and ultimately increase their chances of success. They may also degrade site performance and map out network vulnerabilities to achieve this.

This behavior can significantly impact businesses, as it thwarts their day-to-day operations and exposes them to future attacks. The assault can come from a botnet made up of hijacked devices — like smart TVs and home routers — or even from a hijacked pool of IP addresses.

These attacks work by flooding a target system with bogus traffic until it can no longer function, thereby denying service to legitimate users. While there is no one silver bullet to solve this problem, increasing your network and server capacity is an essential line of defense.

By understanding the various tactics that bad actors use, businesses can take appropriate preventative measures to safeguard their networks and data.