14 DAY TRIAL // Black Lotus, a company that provides distributed denial-of-service (DDOS) attack protection solutions, has published its threat report for the first quarter of 2014.
The company highlights the fact that the network time protocol (NTP) amplification attacks that made a lot of headlines earlier this year have been largely contained. However, Black Lotus warns that new types of distributed reflected denial-of-service (DrDOS) threats will take their place.
The company predicts that in the next 12 to 18 months, we’ll see attacks that exceed 800 Gbps. While DDOS mitigation services providers are enhancing their solutions, cybercriminals are also improving their game.
In the first quarter of 2014, novice attackers managed to bypass the DDOS defenses of companies that were well prepared to handle such attacks by targeting upstream carriers directly.
For instance, in January, tier 1 carriers in a number of US regions were targeted with DrDOS attacks. This resulted in packet losses of up to 35% for customers that were not directly targeted. Fortunately, by February, carriers had already learned how to deal with such attacks.
On the other hand, service providers will have to be on guard since such attacks continue to become more and more sophisticated.
The figures in the report show that the largest DDOS attack observed in the first quarter of this year peaked at 421 Gbps and 122 millions of packets per second (Mpps). This particular attack took place on February 10.
A total of 463,621 attacks have been observed, over 90,000 of which were severe. Over half of the severe attacks, which are characterized by extreme traffic levels compared to the targeted organization’s typical baseline, targeted individual applications like HTTP servers and DNS.
It’s worth noting that the average attack mitigated by Black Lotus in Q1 2014 was at 2.7 Gbps and 1.8 Mpps.
“Historically, service providers have been able to operate without providing substantial security services to customers. That’s no longer viable, as threats proliferate and attackers find new ways to amplify the volume of their efforts,” noted Jeffrey Lyon, the founder and president of Black Lotus.
“To protect themselves and their customers, service providers must now also become security providers by offering integrated hosting and security services such as DDoS mitigation, intrusion defense, and incident response and remediation,” Lyon added.
The complete Black Lotus Threat Report for the first quarter of 2014 is available on the company’s website.