DDoS Attacks Peaked at 800Gbps Targets Gambling and Video Games Industry

According to security services provider Akamai, Distributed Denial of Service (DDoS) attacks are growing bigger in volume, and they have also become more targeted and increasingly persistent.

Akamai observed the largest DDoS extortion campaign, which impacted thousands of companies globally. In 2021 alone, more attacks over 50 Gbps than in all of 2019. The attacks of this scale can take almost anyone offline.

The largest of these were 800+ Gbps assaults: one at 824 Gbps, the other at 812 Gbps, both during the same day, February 24. Akamai also observed a 594 Gbps attack on March 5.

Threat actors continue to Expand their Sights

The number of customer attacks per month has continued at near-record volume, and have continued to see diversification of attacks across geographies and industries.

A recent analysis showed a 57% increase in the number of different customers attacked year over year.

Top DDoS Gbps Recorded/Mitigated Attacks

The most recent extortion attack — peaking at more than 800 Gbps and targeting a European gambling company — was the biggest and most complex seen since the widespread return of extortion attacks that kicked off in mid-August 2020.

Since the start of the campaign, show-of-force attacks have grown from 200+ Gbps in August to 500+ Gbps by mid-September, then ballooned to 800+ Gbps by February 2021.

Likely DDoS extortion attacks. Bubble size = Mpps; color = extortion attack profile.

As reported by Akamai Security Intelligence Response Team’s threat advisory released March 23, 2021, the criminal actors used a previously unseen DDoS attack vector that leveraged a networking protocol known as protocol 33, or Datagram Congestion Control Protocol (DCCP).

This attack is akin to a SYN flood in DCCP, but in this case, is volumetric. Threat actors abuse protocol 33 in an attempt to bypass defenses focused on traditional Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) traffic flows.

The new DCCP DDoS attack vector is just the latest example of protocol abuse discoveries made by the Akamai SIRT.

The 2021 DDoS campaigns have become more targeted and much more persistent. The attackers were persistently looking for weaknesses in defenses to exploit, as well as trying different attack vector combinations. In one attack, the threat actors targeted nearly a dozen IPs and rotated through multiple DDoS attack vectors trying to increase the likelihood of disrupting the back-end environments.

DDoS attack Forecast Continues to Anticipate Attack Growth on Four Fronts:

  • Number of DDoS attacks
  • Number of large DDoS attacks (> 50 Gbps)
  • Number of industries targeted with DDoS
  • Number of organizations targeted with DDoS
Guru Baran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Recent Posts

Bondnet Using High-Performance Bots For C2 Server

Threat actors abuse high-performance bots to carry out large-scale automated attacks efficiently. These bots can…

18 hours ago

Discord-Based Malware Attacking Orgs Linux Systems In India

Linux systems are deployed mostly in servers, in the cloud, and in environments that are…

18 hours ago

New Moonstone Sleet North Korean Actor Deploying Malicious Open Source Packages

In December 2023, we reported on how North Korean threat actors, particularly Jade Sleet, have…

20 hours ago

Life360 Breach: Hackers Accessed the Tile Customer Support Platform

Life360, a company known for its family safety services, recently fell victim to a criminal…

22 hours ago

Microsoft Delays Release of Controversial Windows AI Recall Tool Amid Privacy Concerns

Microsoft has announced that it will delay the broad release of its AI-powered Recall feature…

1 day ago

SmokeLoader – A Modular Malware With Range Of Capabilities

Hackers misuse malware for diverse illicit intentions, including data theft, disrupting systems, espionage, or distortion…

2 days ago