Tag Archives: nexusguard

Industry responses and strategies for navigating the tides of DDoS attacks

It is important not to underestimate the potentially devastating impact of DDoS attacks. Organizations of all sizes should take proactive measures to mitigate and safeguard against DDoS attacks, ensuring the continuity and resilience of their operations. Throughout this Help Net Security video round-up, experts emphasize the need for a collective effort in the fight against DDoS attacks.

Complete videos

Bryant Rump, Principal Security Architect at Neustar Security Services, talks about the challenges of mitigating immense …

The post Industry responses and strategies for navigating the tides of DDoS attacks appeared first on Help Net Security.


Global rise in DDoS attacks threatens digital infrastructure

In 2022, the total number of DDoS attacks worldwide increased by 115.1% over the number observed in 2021, according to Nexusguard. The data also showed that cyber attackers continued to alter their threat vectors by targeting the application platforms, online databases, and cloud-based storage systems within ISPs. This resulted in a significantly greater impact globally as organizations continue to move more of their workloads to the cloud.

Number of DDoS attacks worldwide

While the overall …

The post Global rise in DDoS attacks threatens digital infrastructure appeared first on Help Net Security.


Key observations on DDoS attacks in H1 2022

In the first half of 2022, the number of DDoS attacks increased by 75.6% compared to the second half of 2021, according to new Nexusguard research revealed in the company’s DDoS Statistical Report for 1HY 2022. In this Help Net Security video, Juniman Kasman, CTO at Nexusguard, talks about how, while the total number of attacks did grow, the average (0.59 Gbps) and maximum (232.0 Gbps) attack sizes decreased by 56% and 66.8%, respectively, …

The post Key observations on DDoS attacks in H1 2022 appeared first on Help Net Security.


In addition to traditional DDoS attacks, researchers see various abnormal traffic patterns

In the first quarter of 2020, DDoS attacks rose more than 278% compared to Q1 2019, and more than 542% compared to the previous quarter, as published in the Nexusguard Q1 2020 Threat Report. DDoS attacks have become a global risk, and as attacks continue to increase in complexity, further spurred by the pandemic, ISPs will have to strengthen their security measures.

Undetectable and abnormal traffic patterns

While DDoS attacks disrupt service for large companies …

The post In addition to traditional DDoS attacks, researchers see various abnormal traffic patterns appeared first on Help Net Security.


DNSSEC fueling new wave of DNS amplification attacks

DNS amplification attacks swelled in the second quarter of this year, with the amplified attacks spiking more than 1,000% compared with Q2 2018, according to Nexusguard. Researchers credited Domain Name System Security Extensions (DNSSEC) with fueling the new wave of DNS amplification attacks, which accounted for more than 65% of the attacks last quarter according to the team’s evaluation of thousands of worldwide DDoS attacks. DNSSEC was designed to protect applications from using forged or …

The post DNSSEC fueling new wave of DNS amplification attacks appeared first on Help Net Security.


DDoS attacks increasingly form blended attacks of more vulnerabilities

DDoS attacks increasingly formed blended attacks of four or more vulnerabilities over the course of the fourth quarter of 2016, with an intent to overload targeted monitoring, detection and logging systems, according to Nexusguard. Hybrid attacks were a common attack pattern against financial and government institutions.

DDoS botnet activity: Top attacking countries

The supersized Mirai attack from Q3 set the stage for Q4 challenges, resulting in a ripple of botnets from connected devices and the …


Everything old is new again: Experts predict a flood of denial-of-service attacks

As IoT goes mainstream, Mirai-style denial-of-service botnet attacks are escalating, and hackers are targeting health care companies, financial services, and the government.

The hottest trend in cyberattacks is an archaic and simplistic hacker tool. Propelled by the rise of IoT, the popularity of denial-of-service attacks rebounded in late 2016 and early 2017. Accompanying the rapid acceleration of the IoT and connected device market, warn cybersecurity experts, will be a zombie botnet swarm of network-crippling attacks.

Denial-of-service attacks are simple but effective weapons that bring down websites and services by flooding networks with junk traffic from commandeered botnets. Digital fallout will often cripple the target and ripple across the web to knock out unaffiliated but connected services and sites.

“After an attack [clients] often feel angry and violated,” said Matthew Prince, CEO of denial-of-service mitigation service CloudFlare in an interview with TechRepublic. “A distributed denial-of-service (DDoS) attack is not a sophisticated attack. It’s the functional equivalent of a caveman with a club. But a caveman with a club can do a lot of damage.”

“DDoS outages are causing companies to completely rethink their cybersecurity strategies,” said cyber-defence strategist Terrence Gareau in a report by threat identification firm Nexusguard. Nexusguard examines network data to identify threat vector trends like duration, source, and variation of denial-of-service attacks. “Hackers’ preferences for botnets over reflection attacks are typical of cyclical behavior, where attackers will switch to methods that have fallen out of popularity to test security teams with unexpected vectors.”

Denial-of-service is a broad umbrella term used to describe a number of technological sub-tactics. Denial-of-service attacks are common and relatively easy to pull off because these attacks simply crowdsource web IP addresses. The hacker group Anonymous made DDoS attacks famous by championing a tool nicknamed the “Low Orbit Ion Cannon” that made denial-of-service accessible and easy. The downside, of course, is that all cyberattacks are illegal, and unsophisticated DDoS attacks are easy for law enforcement to pursue.

The Nexusguard report shows that hackers are switching from DDoS to IoT botnet-based attacks like last year’s devastating Mirai hack. “Distributed denial-of-service attacks fell more than 40 percent to 97,700 attacks in the second quarter of the year,” Gareau said. IoT attacks targeted at French data provider OVH broke records for speed and size, the report said, and were so severe that France broke into Nexusguard’s Top 3 [cyberattack] victim countries.

“The preferred programming language for the Mirai botnet helped to better handle a massive number of nodes compared to other typical languages for DDoS attacks,” Gareau said. “Researchers attribute the [DDoS] attack dip and these massive attacks to hackers favoring Mirai-style botnets of hijacked connected devices, demonstrating the power IoT has to threaten major organizations.”

Hackers are also diversifying attacks against large organizations in financial services, healthcare, and government sectors, Gareau said in the Nexusguard report. “Hackers favored blended attacks, which target four or more vectors, in attempts to overload targeted monitoring, detection, and logging systems.”

To fend off attacks, experts like Prince, Gareau, and Cyberbit’s chief technology officer Oren Aspir agree enterprise companies need to develop a response plan. “Attacks on an endpoint device will always leave some sort of trail or evidence to analyze,” Aspir said. “Since the speed of detection is vital, analysts need tools that will allow them to quickly detect behavior at the endpoint, validate the threat, and perform an automated forensic investigation in real time on that endpoint.”

Aspir also suggested companies prepare for DDoS and other hacks by reviewing previous attack metrics, conducting vulnerability assessment and penetration testing exercises, and simulating attacks to help evaluate team preparedness. “It’s important for organizations to build a baseline that consists of what ‘good behavior’ should look like on an endpoint. This allows for organizations to take unknown threats and validate them quickly.”

Though IoT botnet denial-of-service attacks are relatively new, enterprise organizations have learned from previous attacks and already shifted defense tactics. “Researchers predict the attention from recent botnet attacks will cause companies to strengthen their cybersecurity… and ensure business continuity despite supersized attacks,” Gareau said.

Source: http://www.techrepublic.com/article/everything-old-is-new-again-experts-predict-a-flood-of-denial-of-service-attacks/


DDoS Attacks Up by 75 Percent in Q2 2016

The largest attack detected in the second quarter peaked at 256 Gbps, according to Verisign.

According to the Verisign DDoS Trends Report for the second quarter of 2016, the number of distributed denial of service (DDoS) attacks increased by 75 percent year over year. The average peak attack size in the second quarter was 17.37 Gbps, an increase of 214 percent over Q2 2015. Fully 75 percent of attacks peaked over 1 Gbps, and 32 percent exceeded 10 Gbps. The largest and fastest DDoS attack detected by Verisign in Q2 2016 peaked at 256 Gbps for about 15 minutes before settling in at more than 200 Gbps for almost two hours. Sixty-four percent of DDoS attacks detected in Q2 2016 employed multiple attack types, indicating that DDoS attacks continue to increase in complexity. Forty-five percent of DDoS attacks targeted the IT services industry, followed by financial services (23 percent) and the public sector (14 percent).

The Kaspersky DDoS Intelligence Report for Q2 2016 found that 77.4 percent of resources targeted by DDoS attacks were located in China. The three most targeted countries for Q2 2016 were China, South Korea and the U.S. While most attacks lasted no more than four hours, 8.6 percent lasted 20-49 hours, and 4 percent lasted 50-99 hours. The longest DDoS attack in Q2 2016 lasted for 291 hours (12.1 days), a significant increase over the previous quarter’s maximum of 8.2 days. Over 70 percent of all attacks detected by Kaspersky in Q2 2016 were launched from Linux botnets, almost twice the number for the previous quarter. Just under 70 percent of all command and control (C&C) servers were located in South Korea, followed by China (8.1 percent), the U.S. (7.1 percent), Russia (4.5 percent) and Brazil (2.3 percent).

And the Nexusguard Q2 2016 Threat Report states that the number of DDoS attacks increased by 83 percent to more than 182,900 attacks in the second quarter. The most targeted countries seen by Nexusguard were Russia, the U.S. and China.

“We were surprised to see an increase in DDoS attacks this quarter, especially as hackers experiment with ransomware, phishing schemes and other data-grabbing methods for monetary gain,” Nexusguard chief scientist Terrence Gareau said in a statement. “Organizations can expect cyber attacks to continue growing in frequency this year, especially with more attention on the Summer Olympics and the November election season in the U.S.”

“The results from this quarter also show how important it is to not only protect your website, but also to plan for new payloads and attacks on your infrastructure,” Gareau added.

Source: http://www.esecurityplanet.com/network-security/ddos-attacks-up-by-75-percent-in-q2-2016.html


DDoS attacks on the rise in Asia Pacific

The Asia Pacific region experienced 34,000 distributed denial of service (DDoS) attacks in the second quarter of 2016, according to Nexusguard’s Q2 2016 Threat Report – Asia-Pacific. The figure represents a 43 percent increase from the previous quarter.

Even though Network Time Protocol (NTP) attacks dominated the types of attacks in the region (90 percent), such attacks were less common in other parts of the world (46 percent). The report also found that attack durations were longer in the Asia Pacific region as compared to global incidents, which is likely due to many scripted attack tools with set duration values.

China remains one of the top three target countries in the region. According to Nexusguard, a Chinese target was hit 41 times over the course of about a month of constant attacks. Nexusguard researchers attributed these attacks to the malware the victim had hosted over the last two years. The largest increase was observed in Hong Kong, accounting for a 57 percent rise in attacks.

With hackers experimenting with new attack methodologies, and events happening in the Asia Pacific region, Nexusguard researchers expect to see a spike in DDoS attacks in the third quarter of this year.

“We expect the upward trend in the frequency of attacks to continue this year, especially with more attention on the Summer Olympics [in Brazil] and political dispute in the APAC region,” said Terrence Gareau, Chief Scientist at Nexusguard. “And as Pokémon Go gradually launches across the Asian market, Nexusguard analysts expect attack groups will launch more public attacks. This activity increases visibility and positioning as DDoS-for-hire services, the popularity of which we noted from the consistent time durations this quarter,” he added.

Source: http://www.mis-asia.com/resource/security/ddos-attacks-on-the-rise-in-asia-pacific/
