Multi-vector DDoS attacks are once again on the rise after a long period of decline. The attacks rose 30% in Q3 2019 compared to the previous quarter. When multiple systems intentionally flood a targeted system or server with illegitimate traffic, it is recognized as a distributed denial-of-service attack. These attacks generally target servers, websites, or services, flooding them with internet traffic until the targeted system becomes unresponsive to legitimate requests. The system's bandwidth is overwhelmed, eventually leading to a system crash. DDoS attacks impact numerous organizations, disrupting their daily business operations. Among these, SMBs are the major targets of cybercriminals because of their considerable security gaps.
The pace with which attackers have used DDoS in 2019 will give birth to different trends in 2020. This blog covers a list of DDoS trends that will emerge in 2020.
What are DoS and DDoS attacks?
In a denial-of-service (DoS) attack, the attacker floods a web resource with more requests than the server can handle, either slowing down its performance or crashing the entire system. The threat actor uses a single machine to victimize the targets. In a distributed denial-of-service (DDoS) attack, by contrast, the attack originates from thousands of machines. Usually, botnets are used to carry out this malicious task.
What are the different types of denial of service attacks?
DoS attacks fall into three categories: volumetric attacks, application-layer attacks, and protocol attacks.
- Volumetric attacks: When an attacker (generally using a bot) sends a massive number of false requests to every open port, it is identified as a volumetric attack. The two main kinds of volumetric attacks are UDP flood and ICMP flood.
- Application-layer attacks: An attack that targets the web traffic of a user-interacting application is known as an application-layer attack. It mostly interferes with the HTTP/HTTPS, DNS, or SMTP protocols.
- Protocol attacks: When selected parts of the network are targeted, the attacks are considered protocol attacks. The attacker intentionally sends slow and malformed pings that consume a lot of memory while the target tries to verify the incoming pings.
5 DDoS Attack Trends that You’ll Witness in 2020
1. Application layer attacks
Earlier DDoS attacks attempted to create service disruptions by using volumetric network flows. At that time, even one gigabit uplink in the data center was capable of pushing the infrastructure towards its threshold. But with the advancement and emergence of cloud-based services, attackers devised new strategies to swamp cloud servers with false network traffic. As a result, perpetrators started focusing on network-based attacks. They understood that the infrastructure-oriented approach was less destructive than disrupting web traffic on applications.
2. Burst attack
These attacks are also known as hit-and-run DDoS. A burst attack causes disruptions for a few seconds and repeats itself at random intervals. So, before an organization can come up with a counter-strategy, the attack is long gone. It continuously changes in frequency and duration, making it an unpredictable form of attack. To mitigate these attacks, enterprises need to wait until the next wave hits. The attack must be caught in action for its successful mitigation. The defenders need to collect the required intelligence and set the filters in real time.
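A defender can only measure such waves if the baseline they are compared against is not contaminated by the waves themselves. The sketch below is an added example, not code from the original post: it flags short bursts in per-second request counts and reports their durations and spacing. The function names, thresholds, and the sample data are assumptions constructed for illustration.

```python
from statistics import median

def find_bursts(counts, window=30, k=6.0):
    """Return (start_s, end_s, peak) for each run of seconds above baseline.

    The baseline is the median of the last `window` quiet seconds; burst
    seconds are never added to it, so repeated waves cannot raise the bar.
    """
    history, bursts, current = [], [], None
    for t, c in enumerate(counts):
        if len(history) < window:          # warm-up, assumed attack-free
            history.append(c)
            continue
        base = median(history)
        mad = median(abs(x - base) for x in history)
        if c > base + k * max(mad, 1.0):   # robust threshold (median + k*MAD)
            if current is None:
                current = [t, t, c]
            else:
                current[1], current[2] = t, max(current[2], c)
            continue
        if current is not None:            # wave ended: record it
            bursts.append(tuple(current))
            current = None
        history = (history + [c])[-window:]
    if current is not None:
        bursts.append(tuple(current))
    return bursts

def summarize(bursts, max_len=10):
    """Describe short waves: how long each lasted and how far apart they start."""
    short = [b for b in bursts if b[1] - b[0] + 1 <= max_len]
    return {
        "durations": [e - s + 1 for s, e, _ in short],
        "intervals": [b[0] - a[0] for a, b in zip(short, short[1:])],
        "hit_and_run": len(short) >= 2,
    }

def sample_counts():
    """Constructed data: 300 s at about 100 req/s with three short floods."""
    counts = [100 + (i * 7) % 11 for i in range(300)]
    for start, length, peak in [(60, 4, 5000), (145, 7, 8000), (261, 3, 6500)]:
        counts[start:start + length] = [peak] * length
    return counts

if __name__ == "__main__":
    found = find_bursts(sample_counts())
    print(found)
    print(summarize(found))
```

The irregular durations and intervals in the summary are the signature the paragraph describes, and the recorded start times show when capture and filtering have to be armed for the next wave.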
3. Exposed servers
To improve the user experience, enterprises moved to UDP (User Datagram Protocol) and placed back-end web servers online, leaving a backdoor open for attackers. With exposed servers, perpetrators don’t even need to write malicious code to gain access to unauthorized data. Likewise, about 100,000 servers are sitting exposed, and attackers can access them conveniently without the need to set up a trap.
4. Merging DDoS with previous attacks
Over the past couple of years, attackers started using additional components on top of previous network incidents. Overlapping events allow the perpetrators to maximize their monetary gain and the destructive impact of their attacks. Earlier, it was easy to identify attacks distinctly and know what to expect from them, but merging DDoS with previous attacks helps threat actors steal information easily and sell it on the dark web. In 2020, cybercriminals will be leveraging a multitude of factors, variables, and the involvement of multiple actors.
5. Increased volume
The continuous success of DDoS attacks motivates perpetrators to rely on them. Even though DDoS attacks are not too complicated to protect against, organizations somehow fail to safeguard their environment properly. Organizations putting their faith in an environment running on DNS (Domain Name System) should know that DNS is not at the top of the list of things being secured. If this issue isn’t addressed, the industry will witness an increased volume of DDoS attacks in 2020.
Today, attackers are more focused on application-level attacks, and they are turning out to be the most effective ones. Such forms of attack don’t require tons of bandwidth or additional expertise. To deal with persistent attacks like DDoS, enterprises need to be more focused and smarter while protecting their assets and resources. Secure the network with a Certified Network Defender (C|ND), a professional who can actively protect, detect, and respond to the threats on a network. The professional should have hands-on experience in securing VPNs, firewalls, and IDS, and be able to monitor and analyze network traffic. Not only that, a C|ND holder will be able to uphold the resiliency and continuity of operations while the network is under attack.
Let us know what you think could make for other emerging trends in 2020 in the comments below!