The threat of IoT botnets was realized in 2016, which was popularized by Mirai, according to a study by Neustar. Mirai and similar types of malware compromise IoT device credentials to enroll them into botnets, which are activated by command and control servers.
As these code assemblies are published, new developments continue to emerge, such as persistent device enrollment, which enables botnet operators to maintain control of a device even after it is rebooted.
The study also reported that the frequency of DDoS attack mitigations b the company increased 40 percent in 2016 compared to the same period of time in 2015, according to a study released by the company.
“With DDoS attacks predicted to become even more complex and ferocious in 2017, increasingly digital organisations within Asia-Pacific will be exposed to more frequent and severe cyber-attacks,” said Robin Schmitt, General Manager, APAC at Neustar.
Multi-vector attacks, which combine attack vectors to confuse defenders and supplement attack volume, also increased 322 percent and accounted for 52 percent of the attacks mitigated by Neustar. UDP, TCP and ICMP comprise the three most popular attack vectors, which were leveraged in more than 50 percent of attacks.
The report also showed that DNS-based attacks increased 648 percent with many attackers leveraging DNSSEC amplification to generate massive volumetric pressure.
Previous Neustar research, “DNSSEC:
How Savvy DDoS Attackers Are Using Our Defenses Against Us,” determined that the average DNSSEC amplification factor for a DNSSEC signed zone was nearly 29 times greater than the initial query.
“In the world of DDoS defence, having the wrong solution or inadequate capabilities can be the difference between reading the news and making the news. Organizations in APAC need to invest in technologies and services that specifically combat such attacks or risk significant financial loss and reputational damage,” said Schmitt.