News

Security threats grow with voice now in the cross hairs

DDoS keyboard 16.9.jpg

Telecoms was one of the three most targeted verticals in the latest quarterly DDoS report from Lumen as the threat landscape continued to evolve.

In Q3 telcos were targeted with increasing frequency and accounted for 34% of the largest attacks by industry, followed by software and tech (21% of all attacks) and retail and distribution (12%).

"The voice attacks we have seen grow in the past three or four months that’s an alarming trend because voice services typically haven't been attacked as much in the past and aren't as well prepared to defend against DDoS mitigation," said Mark Dehus, Lumen director of information security and threat intelligence, in an interview with Capacity.

"DDoS attacks are rampant, and the frequency doesn't seem to be slowing down. If anything, attacks are evolving to use more complex methods, and are being aimed at services such as voice that have not typically been targets in recent years," he added.

In total there were 956 attacks against telcos, with the largest bandwidth attack recorded at 612Gbps. Further, 52% of these attacks were multi-vector.

In that, Lumen reported that multi-vector mitigations represented 44% of its total DDoS mitigations for the quarter, with the most common combination being: DNS amplification, TCP RST, TCP SYN-ACK amplification and UDP amplification.

TCP SYN was the most common single vector mitigation type, accounting for 25% of all DDoS mitigations.

Dehus said: "The attack types used against voice providers were also multi-vector.

"DDoS attacks are rampant, and the frequency doesn't seem to be slowing down. If anything, attacks are evolving to use more complex methods, and are being aimed at services such as voice that have not typically been targets in recent years," he added.

To compile the data the security team at Lumen analysed intelligence from Black Lotus Labs – the company's threat research arm – and attack trends from the Lumen DDoS Mitigation Service platform.

Other headline findings included:

  • A 35% rise in DDoS attacks mitigated in Q3 compared to Q2

  • The largest bandwidth attack scrubbed in Q3 was 612 Gbps – a 49% increase over Q2 – and the largest packet rate-based attack scrubbed was 252 Mpps – a 91% increase.

  • The longest DDoS attack period Lumen mitigated for an individual customer lasted 14 days.

  • For the first time, 28% of multi-vector mitigations involved a complex combination of four different attack types, including DNS amplification, TCP RST, TCP SYN-ACK amplification and UDP amplification.

 

Mark Dehus talks more about these trends in the next issue of Capacity magazine.