500Gbps DDoS attack flattens world record
Booter blasters belt businesses.
The world's largest distributed denial of service attack has been clocked at 500Gbps, according to Arbor Networks.
The attack was reported by a third party and is yet to be analysed, other than in terms of its size.
British teen Seth Nolan-Mcdonagh likely held the title for the previous largest DDoS, which came in at 300Gbps. He was arrested and ducked jail after he knocked Spamhaus off the internet.
The annual Arbor survey (PDF) gathered 354 responses from service providers, hosts and mobile service providers around the world in the 12 months to November last year.
"The largest attack reported by a respondent this year was 500Gbps, with other respondents reporting attacks of 450Gbps, 425Gbps, and 337Gbps," the report states.
"This continues the trend of significant growth in the top-end size of DDoS attacks year-over-year.
"Last year, we highlighted that 20 percent of respondents reported attacks over 50 Gbps … this year nearly one-quarter of respondents report peak attack sizes over 100 Gbps."
Five respondents said they detected DDoS attacks above 200Gbps with a large number reporting attacks over 100 Gbps.
Arbor Networks notes attacks against cloud-based services are rising, up by a third over the previous year.
Reflection and amplification attacks exploiting vulnerabilities in the Network Time Protocol (NTP) remain popular. Servers are continually being patched against the attack, which allows attackers to gain a large response to a small query and direct it at a target of their choosing.
"... the findings from this report underscore that technology is only part of the true story since security is a human endeavour and there are skilled adversaries on both sides," Arbor Networks security chief Darren Anstee says.
The network security outfit says DDoS attackers are more motivated by financial extortion than the hacktivism or vandalism prevalent in past years, launching more complex multi-vector simultaneous attacks against infrastructure, applications, and services.
Almost all respondents found application-layer DDoS attacks, mostly targeting DNS services rather than web servers.
Those DNS attacks caused customer outages in a third of cases compared to a quarter the previous year.
More than half of respondents said DDoS attacks saturated their internet connectivity, knocking over enterprise stateful and inline firewalls. Arbor says those devices are often the first victims of DDoS attacks and, being inline, actually add to network latency.