Akamai Sees Largest DDoS Extortion Attack Known to Date

Distributed denial of service (DDoS) attacks are growing bigger in volume, and they have also become more targeted and increasingly persistent, according to web security services provider Akamai.

The recently observed assaults haven’t reached the magnitude of the largest DDoS attacks the company has mitigated to date, which peaked at 1.35 Tbps in 2018 and at 1.44 Tbps in 2020, but three of them are among the six biggest volumetric DDoS attacks Akamai has ever encountered.

Akamai says the increased number of bigger volumetric DDoS attacks is, in fact, the new norm. Since the beginning of the year, the company has already observed more attacks peaking at over 50 Gbps than during all of 2019.

The largest of these were 800+ Gbps assaults: one at 824 Gbps, the other at 812 Gbps, both during the same day, February 24. Akamai also observed a 594 Gbps attack on March 5.

These three attacks targeted a European organization in the gambling industry, and an Asian video game company. Among these attacks, there were two of the largest known DDoS extortion attacks to date, Akamai notes.

“The most recent extortion attack — peaking at more than 800 Gbps and targeting a European gambling company — was the biggest and most complex we’ve seen since the widespread return of extortion attacks that kicked off in mid-August 2020,” the company reveals.

Furthermore, Akamai has noticed that DDoS attackers are expanding their reach across geographies and industries, with the number of targeted entities now being 57% higher than last year.

Unsurprisingly, threat actors are looking for new means to bypass defenses and cripple their target’s resources, including through the use of new attack vectors, such as the recently observed Datagram Congestion Control Protocol (DCCP), or protocol 33.

Attacks leveraging this vector are similar to SYN floods in DCCP, but are volumetric in nature, and are meant to bypass defenses that focus on Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) traffic.
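
A defender-side check for the blind spot described above, as an added example that is not from Akamai or the original article: it tallies bytes per IP protocol number and reports protocols outside an assumed baseline, such as protocol 33. The packets, addresses, baseline set and 10% threshold are constructed assumptions.

```python
import struct
from collections import Counter

DCCP = 33               # IP protocol number named in the article
EXPECTED = {1, 6, 17}   # assumption: this network normally carries ICMP, TCP, UDP


def ipv4_packet(proto, payload_len, src="198.51.100.7", dst="203.0.113.10"):
    """Build a constructed IPv4 packet (checksum left at 0) for the sample."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                      proto, 0,
                      bytes(map(int, src.split("."))),
                      bytes(map(int, dst.split("."))))
    return hdr + bytes(payload_len)


def bytes_by_protocol(packets):
    """Sum the IPv4 total-length field per protocol number; skip malformed input."""
    tally = Counter()
    for pkt in packets:
        if len(pkt) < 20 or pkt[0] >> 4 != 4:
            continue                      # truncated or not IPv4
        ihl = (pkt[0] & 0x0F) * 4
        if ihl < 20 or len(pkt) < ihl:
            continue                      # invalid header length
        tally[pkt[9]] += struct.unpack("!H", pkt[2:4])[0]
    return tally


def unexpected_protocols(tally, min_share=0.10):
    """Return {protocol: byte share} for protocols outside EXPECTED at or above min_share."""
    total = sum(tally.values())
    if total == 0:
        return {}
    return {p: b / total for p, b in tally.items()
            if p not in EXPECTED and b / total >= min_share}


# Constructed sample: ordinary TCP/UDP traffic, a burst of protocol 33,
# and one truncated packet that must be ignored.
SAMPLE = ([ipv4_packet(6, 480)] * 40 + [ipv4_packet(17, 180)] * 20
          + [ipv4_packet(DCCP, 980)] * 60 + [b"\x45\x00"])

if __name__ == "__main__":
    for proto, share in unexpected_protocols(bytes_by_protocol(SAMPLE)).items():
        print(f"protocol {proto}: {share:.1%} of observed bytes")
```
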

Overall, the 2021 DDoS campaigns are more targeted and more persistent, Akamai says. Several of these attacks have been targeted at the IP addresses of two specific customers and lasted several days, attempting to exploit any weaknesses in their defenses.

“In one attack, the threat actors targeted nearly a dozen IPs and rotated through multiple DDoS attack vectors trying to increase the likelihood of disrupting the back-end environments. In fact, 65% of DDoS attacks launched against customers were multi-vector,” Akamai says.

This year, an overall increase in the number of DDoS attacks is expected to be accompanied by a spike in large DDoS attacks (at more than 50 Gbps), with more organizations in more industries likely being targeted.

Written By

Ionut Arghire is an international correspondent for SecurityWeek.
