IaaS provider registers spike in DDoS attacks

08 September 2020 | Melanie Mingas


A wave of 1Tbps+ denial of service (DDoS) attacks have been attempted against customers of an international Infrastructure-as-a-Service (IaaS) provider.

Voxility registered the attacks last week and said it implemented its fully integrated anti-DDoS solution to protect customers’ network infrastructure from depreciation in service or being taken offline.  

The attack waves peaked at 1,035 gigabits per second (Gbps) and 1,044 Gbps on 3 and 4 September, accompanied subsequently by lower intensity attacks of 798 Gbps and 854 Gbps over the weekend. These were made up of volumetric UDP flood, comprising abnormally large UDP packets, DNS amplification, and UDP packets without payload, in an attempt to overwhelm infrastructure ports with IP traffic.

“The motivations behind these waves of DDoS attacks are uncertain at this point. Whether they are caused by extortion attempts or simply seeking to disrupt the hosting provider’s operations, very large volumetric DDoS attacks are occurring often across networks,” said Maria Sirbu, VP of corporate communications at Voxility.

“In August alone, Voxility saw more than 30 attack waves that surpassed 500Gbps in volume intensity, while at least six to seven events out of these where higher than 700Gbps. This is in contrast to what has been reported by website security companies in 2020 who have seen a more frequent, but lower-intensity attack landscape for DDoS,” Sirbu continued.

Voxility isn’t the only player to witness such activity and DDoS isn’t the only method of attack.

In July, Capacity reported on the wave of cyberattacks registered 2020 year to date. These included demands for Telecom Argentina to pay a US$7.5 million ransom in cryptocurrency and a high-profile attack on Twitter that saw celebrity and politician accounts hijacked to promote a cryptocurrency scam.

While many would be quick to attribute the increase in attacks to vulnerabilities and decentralisation related to Covid-19, the problem dates back further.

In 2018, Capacity reported that customers of Corero Network Security experienced an average of 237 DDoS attack attempts a month during Q3 2017 – equivalent to eight attack attempts every day, which was almost double the number experienced in Q1 2017, according to the half-yearly DDoS Trends report.

Sirbu said: “Successful anti-DDoS is a continuous process and large DDoS attacks have to be proactively planned for, especially if you are a network operator. These attacks have only highlighted how critical it is to have a scrubbing network behind your anti-DDoS setup, no matter how you decided to approach it.”