A report from the Incapsula cyber security organisation has highlighted the increasing scope and sophistication of criminal Distributed Denial of Service (DDoS) attacks against websites, recording that a recent assault on an unidentified Chinese gambling site involved nine-vector activity at 470 Gbps and 110 million packets per second, among the biggest and most complex ever recorded.
The publication The Register quotes Incapsula researchers Ofer Gayer and Igal Zeifman, who said:
“The assault was significantly complex by network layer standards, relying on a mix of nine different payload types. Such nine-vector assaults are very rare in our experience.
“Usually a perpetrator’s goal in using multi-vector attacks is to switch between different payload types in an attempt to bypass a mitigation service.”
The anti-DDoS firm says only 0.2 percent of attacks it saw in the first quarter of this year were multi-vector. The attackers commenced with a 250 Gbps assault, incrementally boosting this to the heaviest levels yet experienced.
The siege was periodically varied by drops to smaller payloads to increase packet-per-second rates – a reportedly common tactic seen in many major attacks this year.
The Incapsula researchers observed that adopting these tactics can enable perpetrators to max out the processing power of current-generation mitigation appliances – a common weak spot.
Most of the attack traffic was SYN payloads, generic UDP, and TCP, The Register’s report reveals, noting that the Incapsula mitigation finally staved off the siege.