
Multi-Vector DDoS Threats: Ways of Treatment

Posted in Security by Techtiplib on Thursday, May 29th, 2014

DDoS attacks are no longer one-dimensional. An emerging trend of the new year is the use of multi-vector DDoS attacks to circumvent and overwhelm target defenses. A new report from security provider Incapsula shows that these varied and diverse attacks are steadily becoming the newest fad of the hacking community.


Image credit: www.h3c.com

What are Websites up Against?

Multi-vector attacks combine two or more different DDoS methods in tandem to increase their chances of success.

Single-vector attacks are quickly getting phased out of the hacking industry. Incapsula’s research showed that only 19% of events in the last 3 months involved just one attack method. Close to 40% of attacks over the same period used 3 or more vectors.

This push towards multi-vector attacks is not surprising from a financial standpoint either: it is easier and more affordable than ever to commandeer botnets. Even easy-to-use DDoS apps are appearing in the hacking market.

How Multi-Vector Attacks Are Used

Network Layer attacks (layers 3 and 4) are commonly deployed in combination with other methods to create powerful multi-vector assaults.

Experts have noticed a sharp rise in Combo SYN floods as of late. In these instances, hackers start by sending many small SYN packets to deplete network resources, and then hit again with large SYN packets to saturate the target network. About 75% of recent large scale attacks (reaching at least 20 Gbps) use Combo SYN.
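A defender can spot the two-phase Combo SYN pattern described above by bucketing pure SYN packets by size and time. The sketch below is an added example, not code from the original article or from Incapsula; the thresholds, function names and sample capture are assumptions constructed for illustration.

```python
from collections import defaultdict

# Assumed thresholds (not from the article); tune them to your own baseline.
LARGE_SYN_BYTES = 250      # a normal SYN carries no payload, so it is far smaller
SMALL_SYN_PPS = 1000       # small SYNs per second treated as a resource-depletion flood
LARGE_SYN_BPS = 1_000_000  # bits per second of oversized SYNs treated as saturation

def classify_windows(packets, window=1):
    """packets: iterable of (timestamp_s, tcp_flags, ip_length_bytes).
    Returns {window_start: 'normal' | 'small-syn-flood' | 'large-syn-flood' | 'combo-syn'}."""
    small_count, large_bits, seen = defaultdict(int), defaultdict(int), set()
    for ts, flags, length in packets:
        bucket = int(ts // window) * window
        seen.add(bucket)
        if flags & 0x02 and not flags & 0x10:   # pure SYN: SYN set, ACK clear
            if length >= LARGE_SYN_BYTES:
                large_bits[bucket] += length * 8
            else:
                small_count[bucket] += 1
    labels = {}
    for b in sorted(seen):
        small = small_count[b] / window >= SMALL_SYN_PPS
        large = large_bits[b] / window >= LARGE_SYN_BPS
        labels[b] = ("combo-syn" if small and large else
                     "small-syn-flood" if small else
                     "large-syn-flood" if large else "normal")
    return labels

def event_verdict(labels):
    """Combo SYN is both phases within one event, even in different windows."""
    kinds = set(labels.values())
    if "combo-syn" in kinds or {"small-syn-flood", "large-syn-flood"} <= kinds:
        return "combo-syn"
    for kind in ("small-syn-flood", "large-syn-flood"):
        if kind in kinds:
            return kind
    return "normal"

def sample_capture():
    """Constructed traffic: baseline, small-SYN phase, large-SYN phase, SYN-ACKs."""
    pkts = [(i * 0.1, 0x02, 60) for i in range(10)]               # second 0: baseline
    pkts += [(1.0 + i / 2000, 0x02, 60) for i in range(2000)]     # second 1: small SYNs
    pkts += [(2.0 + i / 1500, 0x02, 900) for i in range(1500)]    # second 2: 900-byte SYNs
    pkts += [(3.0 + i * 0.1, 0x12, 60) for i in range(5)]         # second 3: SYN-ACKs, ignored
    return pkts

if __name__ == "__main__":
    labels = classify_windows(sample_capture())
    print(labels, event_verdict(labels))
```

Tracking the two size classes separately matters because the small-packet phase shows up as a packet-rate spike while the large-packet phase shows up as a bandwidth spike, and an alert keyed on only one metric misses half the event.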

Security professionals also see SYN floods employed as tactical “smokescreens”, drawing attention away from more dangerous attack methods that are soon to follow.

This was the case back in October when Incapsula recorded one of the biggest DDoS events in history. SYN flood was just the beginning. The initial strike was nothing more than a “trial and error” run, designed to bring out the target’s defense and perhaps give away telling information about its security mechanisms. The hackers came with wave after wave of assaults, pinpointing specific objects in the Application Layer while turning up the strength of the Network floods. 

This example demonstrates that to maintain a modern website, you must be ready for anything. When the dust had settled, Incapsula mitigated an attack that reached over 100 Gbps of network force and brought out several DDoS vectors. Incapsula’s defense professionals had to respond to evolving threats in real time. This particular attack lasted for weeks. 

Current-Gen DDoS Protection

Even an experienced IT member will no longer cut it when it comes to the defense of your website. The best security services nowadays offer cloud-based protection, as well as a powerful network. Your security system must also be able to differentiate between good bots and bad bots used for DDoS. Modern defense requires brain and brawn.

But when it comes down to it, the best defense against multi-vector threats is experience. Even a strong network or advanced security technology is useless without the proper defense administrator behind the control panel. 
