NETSCOUT ASERT, renowned for its expertise in security research and DDoS attack mitigation, unearthed a disturbing trend in the world of cyber threats. The company's latest findings shed light on a surge in dynamic DDoS attacks employing a multitude of vectors and sophisticated techniques to launch botnet-driven, direct-path, state exhaustion, and application-layer assaults. These attacks are designed with one primary objective:
Bypass traditional, static network and cloud-based DDoS defenses.
Among the statistics revealed by NETSCOUT ASERT is the rise in the number of "carpet-bombing" attacks, which have witnessed an increase of over 110%. These attacks pose a unique challenge for security operations center teams, rendering conventional mitigation methods ineffective. Unlike traditional DDoS attacks that focus on a single host, carpet-bombing attacks target expansive ranges of IP addresses simultaneously, resulting in the generation of hundreds or even thousands of alerts with each assault.
This onslaught of alerts has made carpet-bombing attacks one of the more devastating tools in the arsenal of malicious actors, overwhelming SOC teams and rendering them unable to respond effectively to these widespread threats.
Therefore, NETSCOUT launched Adaptive DDoS Protection for its Arbor Threat Mitigation System, or TMS, to improve detection of distributed attacks that dynamically change vectors and target numerous destination IP addresses at once.
Adaptive DDoS Protection is a security solution that continuously examines network traffic in real-time, instantly deploying countermeasures and threat intelligence-based strategies to thwart evolving dynamic DDoS attacks. This system equips SOC teams with a flexible and active packet processing solution that offers insights into over half of all internet traffic, real-time global threat intelligence regarding DDoS attacks and a wealth of experience in DDoS mitigation. As a result, it autonomously identifies, adjusts to and suppresses dynamic DDoS attacks.
With the introduction of Adaptive DDoS Protection, NETSCOUT has changed DDoS traffic analysis. This innovative approach allows for a comprehensive network-level assessment spanning all subnetworks, facilitating the swift detection and simplified reporting of carpet-bombing attacks through a single, user-friendly alert.
Powered by machine learning, NETSCOUT's advanced Precise Protection Prefix technology autonomously identifies the specific IP ranges under attack. It seamlessly redirects these targeted ranges to Arbor TMS for mitigation, even as the attack shifts its focus across different network targets.
“Defending a network requires as much knowledge about your adversary as possible,” said Scott Iekel-Johnson, AVP, DDoS and Threat Intelligence at NETSCOUT. “We have embedded our global threat intelligence and decades of attack mitigation experience into this product. It’s like having an ASERT analyst at your side 24/7.”
Edited by
Alex Passett
