A new report released today shows that distributed denial of service (DDoS) attacks have increased dramatically in the first two quarters of 2018 compared to 2017. The increase in attacks is being attributed to large scale botnets being created by attackers using insecure IoT devices.
According to a report released by DDoS mitigation company NexusGuard, denial-of-service attacks have increased by 29% since Q2 2017, with the average attack size increased by 543% to 26.37 Gbps.
While the amount of attacks has seen a generous increase, the size of these attacks are even more concerning.
NexusGuard's report shows that the average size of attacks in Q2 2017 was 4.10 Gbps and the maximum was 63.70 Gbps. For Q2 2018, this average size has increased over 500% to 26 Gbps and the maximum size has increased to 359 Gbps.
The increase in attacks and their sizes is being attributed to attackers amassing giant botnets using insecure IoT devices. Attackers are using vulnerabilities in these devices to rapidly build large botnets that can then be used to perform targeted attacks that are increasingly difficult to stop.
For example, at one point the Mirai Satori botnet was seen from over 280,000 IP addresses over a 12 hour period and the newer Anarchy botnet was able to amass over 18,000 routers in a single day. These botnets were created by attackers exploiting vulnerabilities in routers such as ones made by Huawei & D-Link.
"In addition, severe botnet epidemics like last year’s Satori continued to threaten cyberspace by exploiting zero-day vulnerabilities," stated the reported by NexusGuard. "Since its high-profile attack on Huawei home routers in December 2017, Satori has wreaked havoc over the past few months on various IoT devices, including: GPON-capable routers manufactured by South Korea’s Dasan, D-Link’s DIR-620 routers, and XiongMau uc-httpd 1.0.0 IoT devices. Additionally, the quarter saw the emergence of the Anarchy botnet, which exploited zero-day vulnerabilities in a similar fashion as Satori."
The report provides some interesting statistics regarding the attacks seen in Q2 2018.