Small-scale DDoS Attacks On The Rise – Neustar

A new report from information services provider Neustar, has found a significant rise in the number of small-scale DDoS attacks.

The surprising development was revealed in the Neustar Q2’19 Cyber Threats and Trends report, which found that under the radar’ DDoS attacks have increased by 158 percent in the second quarter of this year, compared to the same time last year.

In June Telegram was knocked offline by a massive DDoS (distributed denial of service) attack, which the CEO of the app at the time blamed on China, which he said was trying to disrupt the street protests in Hong Kong.

Small-scale DDoS

The Neustar report from its Security Operations Centre (SOC), revealed that between April and June of this year, 75 percent of all attacks mitigated by Neustar were 5 Gigabits per second (Gbps) or less.

But at the same time it found that large attacks (100 Gbps and over) decreased by 64 percent.

Neustar said that the longest duration for a single incursion lasted up to two days, which meant these small attacks pose a significant threat to the enterprise, falling below the typical threshold that enterprises with a “detect and alert” DDoS mitigation strategy might employ.

“An attacker could therefore affect targets ranging from infrastructure to individual servers with relative impunity,” said the firm.

And the ability of companies to identify when they are being attacked is a worry.

When asked how likely they would be to notice today’s most prevalent smaller attacks, a staggering 72 percent of CTOs, CISOs and Directors of Security answered very unlikely, somewhat unlikely or somewhat likely.

The remaining 28 percent of respondents felt it was very likely that they would notice a small-scale DDoS attack.

“With the rise of smaller DDoS attacks going under the radar, now is the time for organisations to deploy an ‘always on’ DDoS mitigation service that is constantly monitoring traffic to ensure threats of all sizes are detected, managed and diffused,” said Rodney Joffe, senior VP at Neustar.

Risk register

“Now, with most of today’s attacks directed at specific services, gateways and applications – therefore requiring less traffic to bring it down – a greater level of understanding from businesses to determine the protection they need is essential,” Joffe added.

“The first stage of this is to determine what is valuable, not what is vulnerable,” he added. “One of the best ways to separate vulnerability from value is to create a ‘risk register’ that starts from the inside and focuses on your most critical business assets.”

In 2017 research from Kaspersky Lab found that 43 percent of businesses who had fallen victim to a DDoS attack believed their competitors were behind it, while just 38 percent considered cyber criminals the more likely suspects.

Do you know all about security? Try our quiz!