CIO Influence

Cloudflare’s DDoS Threat Report Highlights Emergence of Hyper-volumetric Attacks and Botnets


For most CIOs and CISOs, the wait to adopt a Zero Trust strategy is over. With businesses constantly facing ruthless attacks from everywhere, it is time to supercharge security frameworks against threats related to DDoS attacks. Security enablement company Cloudflare has released its DDoS Threat Report, highlighting the size and volume of such attacks and how industries have fared against them in recent times. Here are some notable findings published in Cloudflare’s DDoS threat report 2023.


Rise in the Volume of High-performance Bot Attacks Using VPS 

Cyber attackers are minimizing their dependence on devices to launch DDoS attacks. High-performance bots now rely on Virtual Private Servers (VPS), which have replaced Internet of Things (IoT) devices. When attackers gain access to unpatched VPS links, they can easily launch DDoS attacks using leaked API credentials. Once they gain access through Virtual Private Servers, these botnets can quickly launch high-volumetric attacks that disable even the best security frameworks.


Sophisticated Attacks now Target DNS and UDP Traffic

Cloud blockades and internet downtime are common these days! Attackers are surfacing new types of attacks launched on the foundation of cryptographic DDoS, targeting critical IT infrastructure in some of the biggest organizations. These attacks put safety and data governance at risk in the healthcare, airline, energy management, retail banking and education sectors. In fact, internet and telecom companies are top targets on cyber-attackers’ hit list.

What’s changed in the last year?

The emergence of botnets to activate DNS DDoS attacks.

Hyper-volumetric DDoS attacks have peaked in recent months. These attacks are purposefully designed to target and overwhelm internet networks and security scrubbing infrastructure with a very high volume of traffic. They can last from 10 seconds to over 30 minutes; the longer the attack, the bigger the threat of your internet services being eroded permanently. DDoS attacks of the higher-volumetric range consume phenomenal bandwidth in serving the target service users through the internet. When high-performance botnets are used to launch these attacks, your target network infrastructure is likely to collapse.

There are five major types of volumetric attacks:

According to Cloudflare, ransom DDoS attacks grew steadily by 60% YoY; however, these attacks were steadier and milder compared to last year. 16% of the respondents were attacked by a Ransom DDoS. Broadcasting agencies and non-profit organizations were the biggest ransomware targets.

A majority of these attacks originated from Finland, while a large percentage of HTTP DDoS attacks targeted Israeli firms and US-based organizations. Finland was also the main target of network-layer DDoS attacks.

Are Ransomware attacks and Ransom DDoS attacks the same?

No. According to Cloudflare’s DDoS threat report, ransom DDoS attacks are far more sophisticated than ransomware attacks, and they need far less expertise to execute on the target.

[Figure: Targeted Ransomware Attack. Source: Mandiant (now part of Google Cloud)]

While ransomware attackers can disable the internet network or IT systems by inserting malicious code, it takes a high-performance botnet to do the same for DDoS attacks. Moreover, ransomware attacks do not follow up with a large amount of traffic. In the case of ransom DDoS attacks, the victim’s internet bandwidth will totally collapse due to sudden traffic controlled by the high-performance botnet linked with Virtual Private Servers.

Recently, Cloudflare announced new Zero Trust integrations with big enterprises. These include Atlassian, Microsoft, and Sumo Logic, who use these new integrations to easily secure the tools and applications they rely on with enterprise-ready Zero Trust security. The Cloudflare One SASE platform has been integrated with Atlassian’s Confluence and Jira Software products.

While DNS and Ransomware DDoS attacks are becoming prevalent, it is important for CIOs and CISOs to constantly keep tabs on the cybersecurity trends and features that could solve the global problems related to DDoS and phishing attacks. Mitigating these risks in time could save billions of dollars for top-tier businesses, even as they start including AIOps and automation to secure internet and intranet assets faster than their attackers.