TTPwire Vol. 1 · MITRE ATT&CK·Tagged

← All stories

F5 Labs

The Global Playing Field is Leveling Out as Europe and Asia Take on More DDoS Attacks

2018-04-06 · Read original ↗

ATT&CK techniques detected

19 predictions
T1498Network Denial of Service
83%
"a mere $ 20, enabling anyone with a petty grudge to knock their target offline. in march, a new world record was set when github was the recipient of a 1. 35 tbps ddos attack launched from insecure memcached systems. f5 silverline security operations center ( soc ) is reporting a…"
T1498Network Denial of Service
83%
"q2 in 2016 and 2017, indicating there is a good chance emea ’ s percentage of the total will continue to rise, potentially surpassing north american targets for the first time. attacks by target industry web hosting providers and financial organizations have always been top ddos …"
T1498Network Denial of Service
80%
"this attack type is becoming increasingly popular with ddos attackers that use multiple vectors in their attacks to “ fill up the pipe ” by maximizing the packets and fragments being sent through it. the other attack types maintaining consistency are dns reflection, syn flood and…"
T1498Network Denial of Service
79%
"number of attacks received by month over the past two years, ddos is a year - round sport for attackers. september through december is typically the peak ddos season, however in 2017, we saw a rise in attacks from february through may. ddos attacks by type udp floods, a volumetri…"
T1498.001Direct Network Flood
68%
"continued for many days with the same attack pattern and vectors used, including : - cldap reflection - ntp reflection - dns reflection - snmp reflection - udp fragments - syn flood the top 10 source traffic countries remained the same throughout all attacks, which could indicate…"
T1498.001Direct Network Flood
64%
"number of attacks received by month over the past two years, ddos is a year - round sport for attackers. september through december is typically the peak ddos season, however in 2017, we saw a rise in attacks from february through may. ddos attacks by type udp floods, a volumetri…"
T1498Network Denial of Service
62%
"continued for many days with the same attack pattern and vectors used, including : - cldap reflection - ntp reflection - dns reflection - snmp reflection - udp fragments - syn flood the top 10 source traffic countries remained the same throughout all attacks, which could indicate…"
T1498Network Denial of Service
56%
"the global playing field is leveling out as europe and asia take on more ddos attacks it ’ s no surprise to anyone who ’ s following trends in the ddos industry that 2017 was absent a major world record - setting ddos event. the ddos industry, fresh off the tbps ddos attacks laun…"
T1498.001Direct Network Flood
55%
"this attack type is becoming increasingly popular with ddos attackers that use multiple vectors in their attacks to “ fill up the pipe ” by maximizing the packets and fragments being sent through it. the other attack types maintaining consistency are dns reflection, syn flood and…"
T1498.001Direct Network Flood
54%
"q2 in 2016 and 2017, indicating there is a good chance emea ’ s percentage of the total will continue to rise, potentially surpassing north american targets for the first time. attacks by target industry web hosting providers and financial organizations have always been top ddos …"
T1499Endpoint Denial of Service
48%
"a mere $ 20, enabling anyone with a petty grudge to knock their target offline. in march, a new world record was set when github was the recipient of a 1. 35 tbps ddos attack launched from insecure memcached systems. f5 silverline security operations center ( soc ) is reporting a…"
T1498.001Direct Network Flood
48%
"the global playing field is leveling out as europe and asia take on more ddos attacks it ’ s no surprise to anyone who ’ s following trends in the ddos industry that 2017 was absent a major world record - setting ddos event. the ddos industry, fresh off the tbps ddos attacks laun…"
T1498Network Denial of Service
45%
"targeted industries ; however, the gap is closing between them and other industries with the rise of cheap ddos - for - hire services that make it easy to target any type of business. - the f5 soc began mitigating application - ( versus network - ) targeted ddos attacks in q3 201…"
T1557.001Name Resolution Poisoning and SMB Relay
45%
"businesses across north america, emea and apac is 10 gbps. with the exception of february 2017, the peak attacks mitigated in 2017 and 2018 would saturate the circuit and take down the services of most businesses in the world ( with the exception of isps and ddos scrubbing statio…"
T1498.001Direct Network Flood
42%
"a mere $ 20, enabling anyone with a petty grudge to knock their target offline. in march, a new world record was set when github was the recipient of a 1. 35 tbps ddos attack launched from insecure memcached systems. f5 silverline security operations center ( soc ) is reporting a…"
T1499Endpoint Denial of Service
35%
"number of attacks received by month over the past two years, ddos is a year - round sport for attackers. september through december is typically the peak ddos season, however in 2017, we saw a rise in attacks from february through may. ddos attacks by type udp floods, a volumetri…"
T1499Endpoint Denial of Service
31%
"this attack type is becoming increasingly popular with ddos attackers that use multiple vectors in their attacks to “ fill up the pipe ” by maximizing the packets and fragments being sent through it. the other attack types maintaining consistency are dns reflection, syn flood and…"
T1499Endpoint Denial of Service
31%
"q2 in 2016 and 2017, indicating there is a good chance emea ’ s percentage of the total will continue to rise, potentially surpassing north american targets for the first time. attacks by target industry web hosting providers and financial organizations have always been top ddos …"
T1498Network Denial of Service
30%
"businesses across north america, emea and apac is 10 gbps. with the exception of february 2017, the peak attacks mitigated in 2017 and 2018 would saturate the circuit and take down the services of most businesses in the world ( with the exception of isps and ddos scrubbing statio…"

Summary

The latest DDoS trends include the return of large volumetric DDoS attacks, the rise of application targeted attacks, and businesses in Europe and Asia are growing targets.