Sunday, January 29, 2023
  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory
  • Login
  • Register
Cloud7 News
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • How-Tos
    • Troubleshooting
No Result
View All Result
Cloud7 News
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • How-Tos
    • Troubleshooting
No Result
View All Result
Cloud7 News
No Result
View All Result

Home > Cybersecurity > Network-layer DDoS attack doubled in last 3 months

Network-layer DDoS attack doubled in last 3 months

Distributed Denial-of-Service (DDoS) attacks directed at networks observed in the third quarter doubled again, according to Cloudflare.


Seda Nur Cinar Seda Nur Cinar
November 23, 2020
2 min read
Network-layer DDoS attack doubled in last 3 months

Omer Yoachimik and Vivek Ganti from Cloudflare published a blog post about Network-layer DDoS attack trends for Q3 2020, considering attacks on Cloudflare. While DDoS attacks are surging both in frequency and sophistication, the total number of network layer attacks observed in Q3 doubled again. Compared to the pre-COVID levels in the first quarter, the number of network layer attacks quadrupled.

Network layer DDoS trends in Q3

While SYN, RST, and UDP floods continue to dominate the landscape, Cloudflare discovered an explosion in protocol-specific attacks such as mDNS, Memcached, and Jenkins DoS attacks. The majority of the attacks that cause service disruptions are under 500 Mbps and 1 Mpps. The researchers also estimated that most attacks under 1 hour in duration will continue. In addition to this, ransom-driven DDoS attacks (RDDoS) are on the rise as groups claiming to be Fancy Bear, Cozy Bear and the Lazarus Group extort organizations around the world.

Month by month, September witnessed the largest number of attacks overall, August saw the largest attacks. Ninety-one percent of large attacks in Q3 took place in August. While the total number of attacks between 200-300 Gbps decreased in September, Cloudflare saw more global attacks on its network in Q3.

In early July, Cloudflare faced one of the largest-ever attacks on its network generated by Moobot, a Mirai-based botnet. “The attack peaked at 654 Gbps and originated from 18,705 unique IP addresses, each believed to be a Moobot-infected IoT device. The attack campaign lasted nearly 10 days, but the customer was protected by Cloudflare, so they observed no downtime or service degradation,” written in the blog post.

The data shows that small attacks of under 500 Mbps are many times sufficient to create major disruptions for Internet properties that are not protected by a Cloud-based DDoS protection service. Many organizations have uplinks provided by their ISPs that are far less than 1 Gbps. These small DDoS attacks can easily take down Internet properties.

distribution-by-bitrate

Attack vectors

SYN floods constituted nearly 65% of all attacks observed in Q3, followed by RST floods and UDP floods. TCP based attacks like SYN and RST floods continue to be popular. UDP-protocol specific attacks like mDNS, Memcached, and Jenkins are the top emerging attack vectors.

attack-vectors

Multicast DNS (mDNS) is a UDP-based protocol that is used in local networks for service/device discovery. The most popular emerging attacks in the second and third place are Memcached and Jenkins attacks. When we look at the country-based distribution, the United States observed the most number of L3/4 DDoS attacks, followed by Germany and Australia.

See more Cybersecurity News


Tags: CloudflareDDoS
Seda Nur Cinar

Seda Nur Cinar

Seda Nur Cinar is the news editor of the Cloud7 News. With more than 8 years of Linux and cloud experience, Seda is a Linux and opensource enthusiast, security researcher and a web application developer.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Next Post
GoDaddy employees used in vishing attacks on cryptocurrency platforms

GoDaddy employees used in vishing attacks on cryptocurrency platforms

Related News

Radware issued a threat advisory

Chinese 8220 Gang targets public clouds

January 29, 2023 3:00 pm
Thoma Bravo to acquire Magnet Forensics

Thoma Bravo to acquire Magnet Forensics

January 26, 2023 1:10 pm
LastPass faces yet another security incident

LastPass publishes an update on the November 2022 security incident

January 25, 2023 6:35 pm
VMware vRealize updates addressing security flaws

VMware fixes critical vRealize Log Insight security flaws

January 25, 2023 3:30 pm
Get free daily newsletters from Cloud7 News Get the Cloud7 Newsletter
Select list(s):

Check your inbox or spam folder to confirm your subscription.

By subscribing, you agree to our
Copyright Policy and Privacy Policy

Get the free newsletter

Subscribe to receive the latest IT business updates straight to your inbox.

Select list(s):

Check your inbox or spam folder to confirm your subscription.

Editor's Choice

What’s new in Linux kernel 6.2 rc5?

10 Best Web Hosting Services of 2023

Ubuntu 22.04 LTS is available for download. What is new?

CERN and Fermilab recommend AlmaLinux

7 best hosting control panels of 2023

How to update Linux Kernel without rebooting?

7 best Linux mail servers of 2023

7 best cPanel alternatives for 2023

7 best Linux web browsers for 2023

7 best CentOS alternatives

7 best Linux server distros of 2023

Interview with Igor Seletskiy on AlmaLinux

How to create a VM and install a Linux distro on VMware Workstation

Recent News

  • Yugabyte releases YugabyteDB Voyager
  • Chinese 8220 Gang targets public clouds
  • RtBrick supports a hardened open switch from Edgecore
  • Weekly round-up: 23 – 27 January
  • Interview: Orly Izhaki, General Manager of Wix Restaurants

Cloud7 News
Cloud7 is a news source that publishes the latest news, reviews, comparisons, opinions, and exclusive interviews to help tech users of high-experience levels in the IT industry.

EXPLORE

  • Web Hosting
  • Cloud Computing
  • Data Center
  • Cybersecurity
  • Linux
  • Network/Internet
  • Software
  • Hardware
  • How-Tos
  • Troubleshooting

RESOURCES

  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory

Get the Cloud7 Newsletter

Get FREE daily newsletters from Cloud7 delivering the latest news and reviews.

  • About
  • Privacy & Policy
  • Copyright Policy
  • Contact

© 2022, Cloud7 News. All rights reserved.

No Result
View All Result
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • How-Tos
    • Troubleshooting
  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory

© 2022, Cloud7 News. All rights reserved.

Welcome Back!

Sign In with Facebook
Sign In with Google
Sign In with Linked In
OR

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Sign Up with Facebook
Sign Up with Google
Sign Up with Linked In
OR

Fill the forms below to register

*By registering into our website, you agree to the Terms & Conditions and Privacy Policy.
All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.