<img alt="" src="https://secure.leadforensics.com/89462.png" style="display:none;">

DDoS Threat Report 2019 Q3

DNSSEC (Domain Name System Security Extensions) remain the main driver of growth of DNS amplification attacks in the quarter, yet our analysts have detected a sharp and concerning rise in TCP SYN Flood attacks. TCP SYN Flood is not a new method, but findings indicate that techniques have grown in sophistication and have emerged as the third most used attack vector, behind DNS amplification and HTTP flood attacks.

  • SYN Flood reflection not only hits targeted victims, but also can impact innocent users, including individuals, businesses, and other organizations. As a result, bystanders can incur hefty fees for bandwidth consumed by junk traffic, or even suffer from secondary outages.
  • Even plain-vanilla network attacks could be turned into complex, stealthy attacks leveraging advanced techniques, from the bit-and-piece attacks, also known as carpet bombing.
  • Enterprise networks and telcos must take heed of the resurgence of old threats to avoid junk traffic consuming user bandwidth.
2019_Q3

In Type 1 (56.36% of SYN Flood attacks in Q3), an attacker mobilizes a huge number of random, spoofed IP addresses to send an enormous volume of SYN requests to a single IP, causing the victim server to respond with SYN-ACK packets to voluminous malicious requests. In Type 2 (33.24% of SYN Flood attacks in Q3), an attacker leverages a large, fixed pool of real IP addresses (e.g., servers, routers, IoT devices) to generate malicious SYN packets to hit one destination IP per attack. In Type 3 (10.40% of SYN Flood attacks in Q3), multiple, fixed spoofed-source IPs are used to abuse two destination IPs.

You may be interested in

DDoS Statistical Report for 2021

In 2021, the total attack count and average attack size both fell by 13.32% and 50.00% respectively compared to the figures registered in 2020. Compared to 2020, the maximum attack size increased by 296.62%, with the maximum attack size clocking in at 699.20 Gbps. Besides, Read More >

DDoS Threat Report 2021 Q3

Q3 saw a notable trend in which attackers launched DDoS attacks at single targets within a CSP, attributing an attack size increase of 544% QoQ and 232% YoY. Over 55% of attacks focused on hitting a specific service with high volumes of traffic simultaneously, and according to our research, sever...

DDoS Threat Report FHY 2021

Small bit-and-piece DDoS attacks boomed by 233% in the first half of 2021. As the pandemic carried on into 2021, hackers experimented with new attack patterns to avoid signature-based detection. More than 99% of all DDoS attacks were smaller than 10Gbps, as we had predicted in 2020. These small, ...

Annual Threat Report 2020

This annual report is to review a year that was defined by arguably the worst pandemic the world has seen in 100 years. We look back at some of the key insights, findings and trends covered in our previous quarterly reports, and how COVID-19 impacted not only cybersecurity, but also the way we no...

DDoS Threat Report 2020 Q3

The increase in online gaming attracted attention from attackers, resulting in nearly 77% of cyber attacks targeting online gaming and gambling industries in Q3 2020. More than a third of these entertainment attacks focused on online gaming targets. Nexusguard analysts also reported a 287% increa...