EMEA DDoS threat intensifies

F5 Networks has revealed data from its Security Operations Center (SOC) highlighting the growing scale and intensity of cyber-attacks in the region.  

In 2016, the Warsaw-based SOC – which provides 24/7 DDoS, anti-fraud and Web Application Firewall (WAF) research and mitigation services – handled and mitigated 8,536 DDoS instances alone.
 
One of the attacks ranked among the largest globally: a 448 Gbps UDP/ICMP fragmentation flood using over 100,000 IP addresses from multiple regions.
 
The incident highlights a growing trend for global coordination to achieve maximum impact, with IP attack traffic stemming largely from Vietnam (28%), Russia (22%), China (21%), Brazil (15%) and the USA (14%).
 
“The EMEA Security Operations Center has been experiencing rapid growth since launching in September last year, and it is entirely driven by the explosion of attacks across the region, as well as businesses realizing they need to prepare for the worst,” said Kamil Wozniak, F5 SOC Manager.
 
In Q1 (October – December), the SOC experienced a 100% increase in DDoS customers, compared to the same period last year. WAF customers were up 136%, and anti-fraud rose by 88%.
 
User Datagram Protocol (UDP) fragmentations were the most commonly observed type of DDoS attack in Q1 (23% of total), followed by DNS Reflections, UDP Floods (both 15%), SYN Floods (13%) and NTP Reflections (8%).
 
Gad Elkin, F5 EMEA Security Director, said: “Given the rise and variety of new DDoS techniques, it is often unclear if a business is being targeted. This is why it is more important than ever to ensure that traffic is being constantly monitored for irregularities and that organisations have the measures in place to react rapidly.
 
“The best way forward is to deploy a multi-layered DDoS strategy that can defend applications, data and networks. This allows detection of attacks and automatic action, shifting scrubbing duties from on-premises to cloud and back when business disruption from local or external sources is imminent at both the application and network layer.”