The DDoS attacks are devastating businesses all around the globe. They are coming each time more potent and last longer, without any sign of going away. Even the big companies are not safe from them. Cybercriminals have diverse tactics and use different protocol vulnerabilities, extensive networks of bots, and amplification methods.
Having a large network of DNS servers and advanced DDoS protection was not enough in these 4 DDoS attacks in recent history. Here you can see how bad could it be to receive a DDoS attack.
2.3 Tbps DDoS attack against Amazon in 2020
The large DDoS attack happened in February 2020, and Amazon’s AWS said it was the largest ever recorded DDoS attack in history with its 2.3 Tbps*. The attack used CLDAP reflection (a known UDP reflection vector) to amplify the attack. Apparently, the cybercriminals used the vulnerability well when you think about the power of their attack. It lasted for 3 days, which is not a lot, and Amazon’s claim that there was no downtime, but still, such an attack can bring down many servers.
*At that time, the attack on Google from 2017 was not public yet.
2.54 Tbps DDoS against Google in 2017
Can you believe that in 2017, there was such a huge DDoS attack?! 2.54 Tbps is still the record of the strongest DDoS traffic ever recorded. Google came out about the attack long after it happened. Whole 3 years later! What we know about the attack is that most of the traffic originated in China. There were 167 million packets per second that were attacking 180000 targets. Immense numbers! Google says that it had no impact on its services, and there were no negative consequences.
6 Mrps against Google’s client in 2020
Google and people who are using their services don’t have it easy when it comes to DDoS attacks. A massive flood attack of 6 Mrps (millions of requests per second) and 690 Mpps (mega packets per second) happened last year. That was extremely unexpected to see such a massive IoT DDoS attack. What we can see of this case is that in the future, we can expect even stronger attacks with more requests per second and a bigger traffic size.
Ransom DDoS attacks on the rise in 2021
Did you know about the Ransom DDoS attacks? Cybercriminals target a company’s servers and send massive traffic coming from multiple sources until the servers can’t respond anymore. Typical DDoS attack, but the twist here is that these attacks can last months, and the goal of the criminals is to get a ransom for stopping it. According to John Chambers from JC2 Ventures, there will be at least 65 000 ransom DDoS attacks in 2021. A popular hacking group that is often related to this type of attack is Fancy Lazarus. They ask for between 2 and 5 bitcoins as a payment. Other previous names they used were Fancy Bear, Lazarus, and Lazarus Group.
Conclusion
No matter the size or industry, we are all under constant DDoS threat. What can we do about it? Stop most of them. Having DDoS protection might not be a 100% guarantee for perfect defense, but it is still worth it. Imagine how many small, medium-sized, and even huge DDoS attacks can most of the DDoS protection stop. 99% uptime is a lot better than 90%! And, in case of a ransom attack, be prepared with a backup of your business. Better recover your computers than to pay and not to get a thing in return.