Web security firm Imperva was hit by a 650Gbps (Gigabit per second) distributed denial of service (DDoS) attack at the end of 2016, the largest ever recorded on its network.
The Leet botnet attack, which occurred just four days before Christmas, targeted several anycasted IPs on the Imperva Incapsula network over two waves, both of which were effectively defended against.
The first wave lasted roughly 20 minutes and peaked at 400 Gbps, whilst the second lasted around 17 minutes and generated a “650 Gbps DDoS flood of more than 150 million packets per second (Mpps)”.
Although Imperva was unable to trace the attack’s location or learn anything about the nature of the attacking devices, it was able to identify the type of botnet that was used by analysing the SYN payloads.
There, it found clues that point towards it being the Leet botnet. For example, the company writes that the attacker made “a conscious effort” to include a “signature” in the SYN packets in the form of values arranged to spell 1337, which is a known reference to “leet.”
The company described the attack as a “fitting end to a year of huge DDoS assaults, nasty new malware types and massive IoT botnets” and also used it to point towards what is expected for the DDoS landscape in 2017.
“With 650 Gbps under its belt, the Leet botnet is the first to rival Mirai’s achievements. However, it will not be the last. This year we saw DDoS attacks escalate to record heights and these high-powered botnet are nothing more than a symptom of the times. And like we said, it’s about to get a lot worse.”
So, an ominous message to start the new year, but Imperva is not alone in issuing such a warning. Corero Network Security also warned that businesses should prepare for bigger and badder DDoS attacks in 2017, after a year in which the UK in particular was a prime target for cyber criminals.
US FCC seeks to ban Chinese telecom firms at centre of national security concerns from…
Two updates to Anthropic's AI chatbot Claude sees arrival of a new business-focused plan, as…
Most people in the United States view TikTok as a Chinese influence tool a poll…
UK regulator confirms it is investigating whether OnlyFans is doing enough to prevent children accessing…
Dismissed staff file complaint with a US labor board, and allege Google unlawfully terminated their…
Elon Musk dismisses two senior Tesla executives, plus the entire division that runs Tesla's Supercharger…