DigiCert revealed today that over the last month it has thwarted two separate distributed denial of service (DDoS) attacks that peaked at more than 2.4 and 3.7 terabits per second (Tbps).
Carlos Morales, senior vice president and general manager for DDoS and application security at DigiCert, said both attacks were thwarted by UltraDDoS Protect network but it’s also now a matter of time before these attacks might one day peak at 20-Tbps or higher.
The first 2.4-Tbps attack was aimed at an organization based in the Europe and Middle East (EMEA) region and had an impact of 553 Million packets per second (Mpps). The second 3.721-Tbps attack was aimed at an organization in the U.S. that had a 336 Mpps attack, with peak traffic rates lasting more than two minutes.
The attack sources were widely distributed with the United States, Mexico, Canada, Japan, Israel and Taiwan being the sources of most of the traffic, with approximately 3 Gbps per aimed at the IP destination by the 3.7-Tbps attack.
There were also multiple smaller follow-on attacks after the initial surge, and all traffic was destined to port 443 which is the default for most web traffic, so it could not be simply filtered at the network border.
The DigiCert UltraDDoS Protect provides more than 15-Tbps of dedicated DDoS bandwidth to thwart these types of attacks, but it’s probable DDoS networks will need to scale higher to thwart DDoS attacks that are only going to increase in volume as cybercriminals continue to harness insecure infrastructure in the Internet of Things (IoT) era to launch carpet bombing types of attacks, said Morales.
In fact, with the rise of various illicit bot services it’s never been easier for cybercriminals to launch a DDoS attack, noted Morales. More troubling still, cybercriminals will also soon be using artificial intelligence (AI) to discover even more insecure devices to compromise, which will help fuel even larger attacks, he added.
Ultimately, any company that is relying on the Internet to drive revenue is at risk of a DDoS attack that could cripple their operations. It’s not clear how many organizations are not relying on some type of DDoS protection service to thwart these attacks, but as the volume and frequency of these attacks increases it is all too apparent that cybercriminals are enjoying enough success to warrant the effort, especially as the cost of launching these attacks continues to decline. In effect, these attacks are reaching a level of intensity that is going to be beyond the ability of any enterprise to thwart themselves, said Morales.
Hopefully, there will come a day when law enforcement officials working in collaboration across jurisdictions will be able to take down the botnets that are used to launch these attacks. In the meantime, however, cybersecurity teams at this point should assume it’s not only a matter of time before their organization is targeted. The issue then becomes determining how much protection will be needed based on the actual risk to the business a specific DDoS attack might represent.
