Intended victim experienced no downtime despite attacker's persistence.
August 9, 2022
DENVER – In its quarterly report on Distributed Denial of Service (DDoS) attacks, Lumen Technologies (NYSE: LUMN) revealed the company mitigated one of its largest ever – a 1.06 terabits per second (Tbps) attack that was part of a larger campaign targeting a single victim. Despite the size and complexity of the attempted attack, the target experienced no downtime.
Size was not the only notable element of the failed attack; it was also part of a larger campaign in which the threat actor attempted to leverage multiple techniques. These techniques are called out in the report as emerging trends in the second quarter.
Trend #1: Leveraging the cloud
Attackers leverage cloud-based services in a fraudulent way to significantly boost their attack capability.
To be successful at this type of attack, cybercriminals mask their acquisition and control of cloud-based services through compromised hosts or anonymizing services. The attacker then abuses the cloud providers’ resources to launch volumetric attacks against their intended victims.
To learn how to avoid being a victim of compromised cloud services, read the full Q2 DDoS report.
Trend #2: Hit-and-run
Analysis from Black Lotus Labs revealed the 1.06 Tbps attack was part of a larger campaign that lasted 12 minutes. It began when the threat actor attempted to deploy a series of “hit-and-run” attacks. With this technique, victims are typically targeted with a series of consecutive or concurrent attacks that are relatively small in size and duration. Threat actors deploy these attacks to assess a potential victim’s defenses and determine which attack methods – if any – will be successful.
The longest campaign Lumen mitigated in Q2 lasted 21 days, 8 hours.
Learn how to protect against hit-and-run attacks with Lumen DDoS Mitigation services.
Trend #3: VoIP targeting continues
Late last year, several researchers (including Lumen) began reporting on a rise in attacks targeting VoIP providers. In Q2 2022, one attack vector – Session Initiation Protocol (SIP) – stood out in the data. Although the number of SIP attacks that Lumen mitigated was relatively small – just 1.84% of all mitigations – they represented a 315% increase over Q1 2022, and a 475% increase over Q3 2021.
While the number of SIP attacks is low compared to tried-and-true methods, attacking SIP is considered a more surgical approach to disrupting VoIP services compared to DDoS brute-force methods like TCP-SYN flooding and UDP-based amplification. For more information about Lumen’s previous research into VoIP attacks, read our Q4 2021 DDoS report.
Read the full press release here.