banner
Nov 25, 2021
15 Views
0 0

DDoS threats linger as peak holiday shopping begins

Written by
banner

There is no sleep for the wicked: Any time companies and security teams ready for vacation, threat actors make their moves. CISOs already live by an “always on” credo, and the all but guarantee of DDoS attacks will likely add to their responsibilities overseeing business continuity.
In 2016, Cloudflare observed and mitigated an 8.5-hour long DDoS attack the day before Thanksgiving, only for the activity to repeat on the holiday and through Cyber Monday. The U.S. was the primary target of the attack. 
Successful DDoS attacks are ones that are effective in mimicking legitimate traffic, which for retailers means bots “might browse around the site and add items to a shopping cart but never checkout,” Donahue said. 
An estimated 86% of consumers will shop this holiday weekend, according to ICSC, and reported by Cybersecurity Dive’s sister publication Retail Dive. Half of consumers will shop exclusively online. 
Retailers will have individualized approaches to prepare for Black Friday and Cyber Monday internet traffic, but reserving capacity is one common strategy, Donahue said. 
DDoS attack trends have been growing this year, before holiday internet traffic spikes. U.S. companies were the most targeted organizations in the world for DDoS attacks in Q2 and Q3 of 2021, according to a Cloudflare report of DDoS trends. Cloudflare calculates its DDoS trends by analyzing the percentage of attack traffic of total “clean” traffic. Cloudflare uses the metric for application- and network-layer DDoS attack trends, so biases do not creep into datasets. 
Meris — a record-breaking HTTP DDoS attack of 17.2 million requests per second (rps) — dominated Q3. The botnet targeted the financial services industry, after threat actors exploited an unpatched vulnerability in the MikroTik RouterOS. The patch has been available since 2018. 
In the last two years, attacks measured by bits per second have increased 138% year over year, and packets per second increased by 1,174% year over year, Cloudflare found. Cloudflare observed its largest attack earlier this month, which reached nearly 2 terabit-per-second (Tbps). 
“At some point, you have a large enough network where you can absorb huge attacks, but a high rate of packets can be problematic for the operating system that has to process them,” said Donahue. “And a high rate of requests can be problematic for the application that has to receive and respond to them.” 
Cloudflare differentiated DDoS attacks by the volume of traffic it delivers measured by bit rate or the number of packets it delivers. High bit rates overwhelm an internet link, whereas high packet rates target servers, routers or in-line hardware. The majority of attacks in Q3 measured at 50,000 packets per second and attacks are growing larger quarter over quarter. 
Follow on Twitter
Get the free daily newsletter read by industry experts
The pandemic created more business opportunity, but malicious actors dogged the company's technology stack. Now, the very same products touted as security defense tools are under fire. 
"PrintNightmare is just like the flipping gift that keeps on giving," Jason Slagle of CNWR IT Consultants said. "You can get popped by it, and then literally every week there's some sort of update." 
Subscribe to Cybersecurity Dive for top news, trends & analysis
Get the free daily newsletter read by industry experts
Want to share a company announcement with your peers?
Share your announcement
The pandemic created more business opportunity, but malicious actors dogged the company's technology stack. Now, the very same products touted as security defense tools are under fire. 
"PrintNightmare is just like the flipping gift that keeps on giving," Jason Slagle of CNWR IT Consultants said. "You can get popped by it, and then literally every week there's some sort of update." 
The free newsletter covering the top industry headlines

source

Article Categories:
Cybersecurity News
banner

Comments are closed.