Examining One of the Largest DDoS Attacks of the Year

DDoS platform provider Akamai Prolexic reported that the attack used multiple vectors and a distributed botnet, and lasted for an unusually long 24 hours.

The drama surrounding the surge in Distributed Denial of Service (DDoS) attacks may have come to a head as Akamai Technologies reported preventing one of the largest such cyberattacks it has ever observed.

Although the largest ever recorded by Akamai Prolexic was 1.44 Tbps, this attack, characterised by its high volume and sophistication, was the sixth-largest DDoS peak traffic ever mitigated by the DDoS network security platform.

The target in question was a major financial services company in Israel, and the fact that the high-volume attack persisted for almost 24 hours shows the cybersecurity sector the challenge that lies ahead.

Anatomy of the attack

The attack commenced at 8:05 UTC on 15 July 2024, and was unusual for both the length of the assault and the sophistication of the methods used.

The attack utilised a globally distributed botnet, targeting over 278 IP addresses simultaneously, indicating a highly sophisticated aggressor with substantial resources.

The attack employed multiple vectors, including UDP flood, DNS reflection, and PSH+ACK, among others. 

During the attack, Akamai blocked approximately 419 terabytes of malicious traffic, showcasing the significant resources and coordination behind the assault.

The initial phase involved a probing attack, followed by a three-hour intensive attack window. This sustained effort is atypical for DDoS attacks, which are often short-lived. 

In contrast, this attack demonstrated a commitment of resources and coordination rarely seen in the cybercrime world.

Geopolitical factors

This coordination, these resources, and the sustained interest and focus on a key industry point to how the surge in DDoS is likely linked to state actors.

According to recent reports by cybersecurity firms Imperva and F5 Labs, which found that DDoS attacks have surged over 100% in a year, regions of political conflict were facing the highest levels of attacks.

The issue this presents, however, is that the potential state backing of such attacks means traditional DDoS protections may prove inadequate when facing threats with such resources.

The Akamai report showed that their customer that withstood the July 15 attack had re-evaluated their DDoS defences after the incident and made the decision to switch to Akamai’s Prolexic platform out of concern about their earlier solution’s ability to handle large-scale attacks. 

Their forethought paid off as they were one of the only major financial institutions that didn’t experience sustained downtime during this attack wave.

“Although the DDoS attacks observed against financial institutions in Israel suggest a connection to the ongoing regional political conflicts, there is no way to make any predictions about who is more likely to be selected as a new victim,” the report noted.

Lessons learned 

Akamai’s post-attack analysis leads it to believe that organisations that rely solely on on-premises DDoS mitigation appliances or shared protection from hosting providers are particularly vulnerable to attacks of this magnitude.

Yet the event serves as a stark reminder of the ever-evolving threat landscape. Not only has DDoS attack frequency surged, but so have the sophistication and even the duration of the attacks.

New defences may have to be considered, as geopolitical angles to the attacks mean they are seemingly more focused on a particular country than a particular company.

Cyber Magazine is a BizClik brand