In terms of DDoS attacks, 2019 has started with a bang! At the end of January reports surfaced of a massive DDoS attack that generated over 500 million packets per second, which was significantly larger than last year’s GitHub attack, which peaked at 129.6 million packets per second.
Cybercriminals are increasingly using application layer Distributed Denial of Service (DDoS) to attack their victims. Unlike a Layer 3-4 DDoS attack that consumes network bandwidth, an application layer or L7 attack can be much smaller in traffic volume and can go unnoticed until too late. This type of attacks effectiveness lies in its ability to mimic genuine HTTP request traffic, usually going unnoticed until it too late. Application layer attacks of this nature are often part of a wider multi-vector DDoS that looks to disrupt different parts of a victim’s infrastructure.
A UDP flood is a type of volume based DDoS (Distributed Denial of Service) attack, where large numbers of UDP (User Datagram Protocol) packets are sent to a target server, limiting its ability to carry out its functions. UDP traffic doesn’t require a three-way handshake to make a connection like TCP (Transmission Control Protocol), it runs with lower overhead and is ideal to carry data that doesn’t need to be checked and rechecked, such as VoIP. This means it is easier for attackers to generate large traffic volumes with tools like Low Orbit Ion Cannon (LOIC) and UDP Unicorn.
Steve is an experienced technical B2B cyber security specialist and Director. Steve is a frequent speaker on topics including security breaches, big data analytics, audit and compliance, and IT forensics.
A Distributed Denial-of-Service DDoS attack occurs when high rate machine generated traffic, usually from compromised systems, floods the resources of a targeted system such as a webserver, making the service unusable by legitimate users. There are many reasons for hackers/hacktivist/state actors to initiate a DDoS attack – to damage a brand, to limit web based sales, to protest or for notoriety. After the initial incident response and triage, important questions will be asked, chief among them, what did the DDoS attack cost?
We are using cookies to provide statistics that help us give you the best experience of our site.
Cookies are short reports that are sent and stored on the hard drive of the user's computer through your browser when it connects to a web. Cookies can be used to collect and store user data while connected to provide you the requested services and sometimes tend not to keep. Cookies can be themselves or others.
There are several types of cookies:
Technical cookies that facilitate user navigation and use of the various options or services offered by the web as identify the session, allow access to certain areas, facilitate orders, purchases, filling out forms, registration, security, facilitating functionalities (videos, social networks, etc..).
Customization cookies that allow users to access services according to their preferences (language, browser, configuration, etc..).
Analytical cookies which allow anonymous analysis of the behavior of web users and allow to measure user activity and develop navigation profiles in order to improve the websites.
So when you access our website, in compliance with Article 22 of Law 34/2002 of the Information Society Services, in the analytical cookies treatment, we have requested your consent to their use. All of this is to improve our services. We use Google Analytics to collect anonymous statistical information such as the number of visitors to our site. Cookies added by Google Analytics are governed by the privacy policies of Google Analytics. If you want you can disable cookies from Google Analytics.
However, please note that you can enable or disable cookies by following the instructions of your browser.