Warning: DDoS attacks are becoming more dangerous both in scale and complexity

Although the form of attack is not new, DDoS is always considered as the leading threat to organizations and businesses worldwide. According to the latest report by the security organization NBIP, both the complexity and scale of DDoS attacks in 2019 have increased significantly compared to 2018, although the number of attacks has decreased slightly, leading to the damage they cause is still enormous.

Less quantity but more complexity and scale

Overall, the number of enterprise-level DDoS attacks recorded by NBIP in 2019 is 919, slightly down from 938 in 2018. However, the worrying issue lies in where attacks are becoming larger and more complex. 'The biggest attack we observed in 2019 had traffic up to 124Gbps - a horrible number. While the most complex attack recorded also used a combination of up to 30 vectors, i.e., 30 different methods just to execute a single DDoS attack , '' Octavia de Weerdt, executive director of NBIP, said.

The above figures become even more frightening when compared to the statistics of 2018. Specifically, the largest DDoS attack that NBIP recorded in 2018 'only' stopped at 68Gbps. While in the difficulty aspect, the most complex attack statistically 'only' possesses the maximum number of vectors as 12. These are big differences that are also difficult for professional cyber security analysts. Can give an immediate explanation.

A persistent and disturbing trend

In fact, the increasing complexity and scale of DDoS attacks is consistent with a dangerous trend that has persisted in the field of security - network security in the past few years. For example, 2017 did not have any DDoS attacks of 40Gbps and above. In contrast, in 2019, on the list of the 10 largest DDoS attacks recorded, there were no cases below 40Gbps.

It is no exaggeration to say that there is a 'fierce' arms race related to DDoS attacks. Attackers are increasingly looking for holes and new ways to perform a 'quality' DDoS attack, helping them to achieve their goals quickly.

The purpose behind DDoS attack campaigns is primarily to disrupt or disrupt online services. Hackers will try to overwhelm their target, websites and online services. Users have difficulty, or even cannot access these websites and services. Over time, it depletes system resources, enabling attackers to gain control of the system.

In contrast, organizations and businesses - victims of DDoS attacks - are increasingly investing heavily in defense systems and reducing the risk of DDoS attacks. This arms race will not be over soon, at least in the next few years, and the victory seems to be in favor of hackers, simply because this is the party that takes the initiative.

In the first quarter of 2020, NBIP also observed a DDoS attack of 140Gbps, along with a series of very large attacks, from 40Gbps and above. Therefore, it is not surprising if the statistics of 2020 continue to beat the records of previous years.