YOU ARE AT:SecurityDDoS trends: Volumetric attacks are on the rise

DDoS trends: Volumetric attacks are on the rise

AT&T: ‘Volumetric attacks could hit new peaks’

Distributed denial-of-service (DDoS) attacks refer to a malicious actor or actors temporarily or indefinitely disrupting services of a host connected to a network to render an entire network or website unavailable. DDoS attacks typically target edge network devices like routers and switches, rather than individual servers, and the impact of such an attack can include things like loss of productivity and critical services or communications, extensive costs associated with remediation and downtime, as well as damage to brand reputation.

There are three distributed denial-of-service (DDoS) attacks considered to be the most common — protocol attacks, application layer attacks and volumetric attacks. The first involves the part of a network that verifies incoming connections; the second targets the application layer of a website; and the third occurs when bad actors swamp a server’s open ports with fake data requests.

During a volumetric attack, the network is flooded with data packets, which completely saturate the available network bandwidth. As a result, the network does not have the available resources to verify the other, legitimate requests coming through. This leads to extensive service disruption and failure for users trying to access the network.

In an August 2022 report, cybersecurity service provider Radware detailed how the company mitigated a volumetric carpet-bombing attack that lasted 36 hours and represented a total volume of 2.9 PB. The attack peaked at 1.5 Tbps with a sustained attack rate of more than 700 Gbps for more than eight hours. Radware claimed this was one of the most significant DDoS attacks on record due to the combination of duration, the volume and the average/sustained attack rates.

While Radware noted that all types of DDoS are increasing — malicious DDoS attacks climbed 203% compared to the first six months of 2022 — many sources have noted that large-scale volumetric attacks, in particular, are on the rise.

In fact, according to the latest AT&T Cybersecurity Insights report, volumetric attacks could “hit new peaks” in the coming years because the increase in number of devices mean more opportunities for malicious actors to corral and the amount of bandwidth at their disposal.

“If they have not already, enterprises should make sure that their DDoS defenses can plausibly handle an attack of unforeseen size,” warned AT&T. “A network service provider, aided by a network with the scale to absorb large attacks, can also provide complementary services for DDoS protection.” The carrier further pointed out the importance of powering up firewalls on demand and detecting and mitigating DDoS attacks in the early stages.

ABOUT AUTHOR

Catherine Sbeglia Nin
Catherine Sbeglia Nin
Catherine is the Managing Editor for RCR Wireless News, where she covers topics such as Wi-Fi, network infrastructure, AI and edge computing. She also produced and hosted Arden Media's podcast Well, technically... After studying English and Film & Media Studies at The University of Rochester, she moved to Madison, WI. Having already lived on both coasts, she thought she’d give the middle a try. So far, she likes it very much.