DDoS attacks report, Q2 2018

Page 1

DDOS ATTACKS REPORT

Q2 2018


Q2 2018 DDoS Attacks Report This report summarizes the latest DDoS attack trends that have occurred in the second quarter of 2018.

In the second quarter of 2018, it was observed that the attackers have found many different ways to exploit old vulnerabilities present in cameras, printers and other smart devices. The increasing activities of Linux-based and Windowsbased botnets, variation in top DDoS targeted countries and increased DDoS attack surface with the new types were noticed during the last quarter.

2018

It contains the statistics of DDoS attacks targeted by region, types of DDoS attack observed, its distribution and a summary containing most notable DDoS attacks of Q2 2018.


In Q2 2018, security researchers observed that the attackers exploited vulnerabilities present in the thousands of Universal Plug and Play (UPnP) devices and used those devices to target victims using amplification DDoS attack.

The UPnP protocol is still associated with a number of basic security problems which are prevalent across UPnP-enabled applications as well as the UPnP-network devices such as, lack of the authentication technology, too much exposure to mistrusted networks, common programming flaws, open remote/WAN access and UPnP-specific RCE vulnerabilities.

2018

Read More About: How Attackers Are Targeting a Vulnerability In UPnP


TOP GEOGRAPHICAL TARGETS According to the findings, the top 3 DDoS targeted countries were China, Hong Kong, and the United States. The attacks were distributed across the days of the week and most popular days were Tuesday and Thursday of the week.


DISTRIBUTION OF DDOS ATTACKS BY COUNTRY IN Q1 AND Q2 2018

For the first time, Hong Kong is under the top three most attacked countries, placed second. The most targeted victims in Hong Kong were hosting services and cloud computing platforms. China and the U.S. remained first and third respectively, while South Korea dropped down to fourth.


DISTRIBUTION OF DDOS ATTACKS BY TYPE IN Q2 2018

In the second quarter of 2018, it was observed that SYN Flood attacks held the topmost position with 80% followed by UDP attacks with 10.59% and TCP attacks with 4.50%. While in the first quarter of 2018 UDP attacks were at the topmost position with 27% and SYN Flood attacks were at the third position with 10%.


DISTRIBUTION OF DDOS ATTACKS BY WINDOWSAND LINUX-BASED BOTNET IN Q1 & Q2 2018

In the second quarter of 2018, it is noticed that activities by Windows-based DDoS botnets have been decreased and Linux based DDoS botnets have been increased by 94.47%.


NOTABLE DDOS ATTACKS OF Q2 2018 • On 27th June 2018, popular encrypted email provider ProtonMail was hit by DDoS Attack • On 27th May 2018 (Sunday), Dutch banks ABN Amro and Rabobank were hit by DDoS attacks. Their online banking services were unavailable for a time. The two Dutch banks were also targeted by such cyber attacks on Thursday (24 May). In January the Dutch Tax Authority, ABN Amro, ING, and Rabobank were all hit by multiple DDoS attacks • On 13th May 2018, Danish Railway Company DSB Suffered a DDoS Attack which struggled to serve passengers for several days • On 29th April 2018, online poker site was bombarded by the DDoS attack. One of the world’s oldest online poker website forced to pause its online tournaments after suffering a series of distributed denial-of-service attacks • On 12th April, the California based website security provider Sucuri Company suffered a series of massive DDoS attacks.


CONCLUSION

The most media type in the second quarter of 2018 was generated by politically motivated DDoS attacks From the targeted top 10 countries DDoS attacks said goodbye to Japan and Germany but welcomed Malaysia with 2.27% and Australia with 1.93%Â It is concluded that a significant increment in the number of DDoS attacks were observed in the middle of April month.

Resource https://securelist.com/ddos-report-in-q2-2018/86537/

Contact Info +91 120 4545 911 www.haltdos.com info@haltdos.com

2018

Researchers found that attackers are creating botnets by exploiting the vulnerability of Universal Plug and Play protocol (UPnP) with an amplification method

Follow Us


Turn static files into dynamic content formats.

Create a flipbook
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.