Neustar Research shows large attacks growing as multi-vector exploits increasingly become the norm
Neustar Security Operations Center (SOC) saw growth at both sides of the attack size spectrum with 77% of attacks using two or more vectors in Q1, 2019
APRIL 24, 2019 – STERLING, Va. – Neustar, Inc., a trusted, neutral provider of real-time information services, today released its Q1, 2019 Cyber Threats and Trends report which highlights new areas of growth in Distributed Denial of Service (DDoS) attacks over the past year.
The report affirms that DDoS attacks continue to be an effective means to distract and confuse security teams while inflicting serious damage to brands.
The report reveals that while volumetric attacks over 50Gbps remain a relatively small segment of the overall threat picture at only 12% of attacks, their frequency has grown enormously when compared to the same period in 2018. The latest attacks morph over the course of the attack using a variety of ports and protocols to locate and exploit vulnerabilities. In Q1, 2019, over 77% of attacks used two or more vectors.
In particular, the trend of targeting subnets and classless inter-domain routing (CIDR) blocks to slow or stop network traffic across the internet is a disruptive DDoS threat, identified in the report. By using DDoS methods aimed completely at subnets, rather than specific IP addresses, an attack is often more difficult to detect and mitigate. These attacks often feature multiple vectors, and will switch between them as they migrate from subnet to subnet.
Neustar handled a mitigation for just such an attack in an around-the-clock collaboration between SOC engineers and a new customer who was quickly onboarded by Neustar after being dropped [during the attack] by their Tier 1 Internet Service Provider (ISP).
“Today’s artificial intelligence and machine learning technologies enable us to identify anomalous traffic and patterns, correlate data across systems, and perform behavioral analytics on users and entities," said Rodney Joffe, Neustar Senior Vice President, Technologist and Fellow. “But none of these systems function without professionals who know how to deploy them, interpret their data, identify the existence and location of problems, and mitigate them.”
Such immediate personal involvement with expert engineers is a significant benefit in working with an established firm such as Neustar, particularly when under attack. “Neustar’s 10+Tbps of scrubbing capacity and variety of offerings are world class, and we have more power than ever to defend against the range of DDoS attacks,” said Michael Kaczmarek, Neustar Vice President of Security Products. “But it’s important to remember our most powerful defense: people.”
Neustar provides its customers with the resources and assurance that are needed to ensure data and infrastructure is continually protected against any type or size of DDoS attack. Neustar’s DDoS Mitigation Solutions offer the largest dedicated global network with over 10Tbps + of scrubbing capacity in North America, Europe, Asia, South America, Africa, Australia and India.
A complimentary copy of The Neustar Q1’19 Cyber Threats and Trends Report is available here.
Neustar, Inc. is a leading global information services provider driving the connected world forward with responsible identity resolution. As a company built on a foundation of Privacy by Design, Neustar is depended upon by the world’s largest corporations to help grow, guard and guide their businesses with the most complete understanding of how to connect people, places and things. Neustar’s unique, accurate and real-time identity system, continuously corroborated through billions of transactions, empowers critical decisions across our clients’ enterprise needs. More information is available at https://www.home.neustar.
Sheila S. Blackwell