The second quarter of 2020 witnessed an unprecedented increase in DDoS attacks compared to the same period last year. According to the Nexusguard Q2 2020 Threat Report, bit-and-piece DDoS attacks increased by nearly 570% in Q2 2020. Bit-and-piece attacks inject doses of junk traffic of negligible size into a large pool of IP addresses across hundreds of IP prefixes; as the junk traffic from different IPs accumulates, it eventually paralyzes the target.
According to the report, attackers leveraged “bit-and-piece attacks to launch various amplification and elaborate UDP-based attacks to flood target networks with traffic.”
Key Findings
- 515% increase in DDoS attacks overall, compared to the same quarter last year
- 51% of bit-and-piece attacks were smaller than 30Mbps
- Bit-and-piece DDoS attacks increased more than 310% compared to the previous quarter
Nexusguard analysts also stated that, unlike commonly seen attacks, the new ones used much smaller sizes: more than 51% of bit-and-piece attacks were smaller than 30Mbps. As a result, communications service providers (CSPs) were forced to subject entire networks of traffic to risk mitigation. That workload is too much for CSPs to handle, which makes typical threshold-based detection difficult and makes it even harder to pinpoint the specific attacks and apply the correct mitigation.
One of the best methods for CSPs to handle these attacks is to switch to deep learning-based predictive models that quickly identify malicious patterns and mitigate them as early as possible.
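To make the detection gap concrete, the following added example (not from the Nexusguard report or this article) compares a static per-IP threshold with per-prefix aggregation against a baseline. The addresses, traffic figures, thresholds and function names are constructed assumptions, and the aggregation is a simple stand-in, not the deep learning approach mentioned above.

```python
import ipaddress
from collections import defaultdict

PER_IP_THRESHOLD_MBPS = 50.0  # assumed static per-destination alert threshold
PREFIX_RATIO_LIMIT = 3.0      # assumed: flag a prefix at 3x its own baseline

def build_sample(junk_mbps, attacked_prefixes):
    """Constructed data: four /24s of 50 hosts, 2 Mbps of normal traffic each."""
    baseline, observed = {}, {}
    for p in range(4):
        for h in range(1, 51):
            ip = f"10.20.{p}.{h}"
            baseline[ip] = 2.0
            observed[ip] = 2.0 + (junk_mbps if p in attacked_prefixes else 0.0)
    return baseline, observed

def per_ip_alerts(observed):
    """Classic threshold detection: one destination IP at a time."""
    return sorted(ip for ip, mbps in observed.items() if mbps > PER_IP_THRESHOLD_MBPS)

def prefix_alerts(baseline, observed, prefix_len=24):
    """Sum traffic per prefix and compare each sum with that prefix's baseline."""
    base_sum, obs_sum = defaultdict(float), defaultdict(float)
    for ip, mbps in observed.items():
        net = str(ipaddress.ip_network(f"{ip}/{prefix_len}", strict=False))
        obs_sum[net] += mbps
        base_sum[net] += baseline.get(ip, 0.0)
    return {net: round(obs_sum[net] / base_sum[net], 2)
            for net in sorted(obs_sum)
            if base_sum[net] > 0 and obs_sum[net] > PREFIX_RATIO_LIMIT * base_sum[net]}

if __name__ == "__main__":
    # 8 Mbps of junk per host stays far below the per-IP threshold.
    baseline, observed = build_sample(junk_mbps=8.0, attacked_prefixes={0, 1, 3})
    print("per-IP alerts:", per_ip_alerts(observed))
    print("prefix alerts:", prefix_alerts(baseline, observed))
```

No single host crosses the per-IP threshold, yet each affected /24 carries five times its baseline, which is the signal the per-IP view cannot see.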
“Increases in remote work and study mean that uninterrupted online service is more critical than ever,” said Juniman Kasman, Chief Technology Officer for Nexusguard. “Cyberattackers have rewritten their battlefield playbooks and craftily optimized their resources so that they can sustain longer, more persistent attacks. Companies must look to deep learning in their approaches if they hope to match the sophistication and complexity needed to effectively stop these advanced threats.”
Blending Multiple Attack Vectors
Earlier, hackers used bit-and-piece attacks with only a single attack vector, which tied each attack to that vector and made it easier to mitigate. Lately, hackers are blending multiple attack vectors to launch a wider range of UDP-based attacks, making them harder for CSPs to detect. In scenarios like these, CSPs also find it difficult to differentiate between malicious traffic and legitimate traffic.