Latest Vulnerability Triggers Record-breaking DDoS Attacks

A10 Defend Helps Customers Navigate this Rapidly Evolving DDoS Threat Landscape

Distributed denial of service (DDoS) attacks have consistently been a chief concern of security teams. However, common misconceptions still exist. Some hold that DDoS attacks are merely nuisances or inconveniences, that they are volumetric and straightforward to defend against, and that the DDoS defenses most organizations use today render these threats obsolete. Examples like the recently discovered HTTP/2 rapid reset vulnerability show that this couldn’t be further from the truth.

As we covered in our security advisory, the HTTP/2 rapid reset vulnerability has been widely reported, and it is making waves in the cybersecurity space, causing record-breaking DDoS attacks. Attacks leverage this vulnerability to inflict resource exhaustion on intended targets, but the vulnerability allows attackers to execute DDoS attacks in an unusual manner. It can bypass traditional detection methods like rate limiting because the rapid reset doesn’t necessarily send many packets. Instead, each packet contains hundreds or thousands of headers that initiate and reset connections with the server in a continuous cycle. The server then goes through a clean-up process for each reset stream, and accumulating these clean-up processes results in attackers achieving the end goal – a slowdown or outright failure of the intended target.
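The following is an added example, not code from the original article or from A10's products: a minimal detector that counts streams cancelled immediately after opening on each connection instead of counting packets, which is why it catches the pattern described above where a packet-rate limit does not. HEADERS and RST_STREAM are the HTTP/2 frame types that open and cancel a stream; the event tuple format, the thresholds and the sample traffic are constructed assumptions.

```python
from collections import defaultdict, deque

def detect_rapid_reset(events, window=1.0, max_resets=100, max_lifetime=0.05):
    """Return (flagged connection ids, packets seen per connection).

    events: iterable of (ts, packet_no, conn_id, frame_type, stream_id),
    ordered by ts, as a frame-level decoder behind TLS termination might
    emit (assumed format). Thresholds are illustrative assumptions.
    """
    opened = {}                      # (conn, stream) -> time HEADERS was seen
    recent = defaultdict(deque)      # conn -> timestamps of quick cancels
    packets = defaultdict(set)       # conn -> distinct packet numbers
    flagged = set()
    for ts, pkt, conn, ftype, stream in events:
        packets[conn].add(pkt)
        if ftype == "HEADERS":
            opened[(conn, stream)] = ts
        elif ftype == "RST_STREAM":
            start = opened.pop((conn, stream), None)
            if start is None or ts - start > max_lifetime:
                continue             # not a stream cancelled right after opening
            q = recent[conn]
            q.append(ts)
            while q and ts - q[0] > window:
                q.popleft()          # keep only cancels inside the window
            if len(q) > max_resets:
                flagged.add(conn)
    return flagged, {c: len(p) for c, p in packets.items()}

def constructed_sample():
    """Constructed traffic: 'browser' is benign, 'flood' shows the pattern."""
    events = []
    # browser: 20 requests, one packet each, then one user cancel after 2 s
    for i in range(20):
        events.append((i * 0.1, i, "browser", "HEADERS", 2 * i + 1))
    events.append((2.0, 20, "browser", "RST_STREAM", 1))
    # flood: 5 packets, each carrying 200 HEADERS + RST_STREAM pairs
    sid = 1
    for pkt in range(5):
        ts = 0.5 + pkt * 0.1
        for _ in range(200):
            events.append((ts, 100 + pkt, "flood", "HEADERS", sid))
            events.append((ts, 100 + pkt, "flood", "RST_STREAM", sid))
            sid += 2
    return sorted(events, key=lambda e: e[0])   # stable sort keeps frame order

if __name__ == "__main__":
    flagged, packets = detect_rapid_reset(constructed_sample())
    print("flagged:", flagged, "packets per connection:", packets)
```

In the constructed sample the flagged connection sends fewer packets than the benign one, so the signal has to come from frame-level accounting on the server or proxy that terminates HTTP/2.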

Attacks using the HTTP/2 vulnerability are just one well-known example of threat actors using new and creative attack methods, and a multi-step mitigation process is needed. Capturing attack behavior and identifying malicious entities is the first step, but it must be followed by a machine learning (ML)-enhanced analysis to stop future attacks from being successful.

The Current Reality: Rapidly Evolving Attack Vectors

Top analyst research firms point to DDoS as the number-one type of threat incident, and for good reason. DDoS attacks are easier than ever to execute due to the proliferation of IoT devices and the rise of DDoS-as-a-service. Additionally, while AI is being leveraged in DDoS defenses, it is also being leveraged by attackers. For these reasons, modern DDoS attacks will continue to be a critical concern as their frequency, intensity, and complexity evolve. They are often used as smokescreens for ransomware and malware attacks, making services unavailable. This results in limited or no access to data, which is the organization's lifeblood. Given how critical it is to protect networks and data, a new and more holistic DDoS defense strategy is required.

Combating modern DDoS attacks is not just about eradicating zero-day ML-enhanced threats with ML-enhanced methods. It is also about proactively bolstering DDoS defenses with more accurate, in-depth threat intelligence that is also ML-enhanced. Machine learning allows for expedited adjustments and accelerated learning because a machine can sift through volumes of data much faster than a human can. By correlating the information and recognizing patterns in the data, machines can rapidly evolve, even as the threats evolve. The best way to use machine learning in practice is through threat intelligence; without ML-enhanced analytics, much of the alert data and information collected is just noise. Therefore, AI and ML are integral to detection, mitigation, and threat intelligence and can enhance accuracy and response times.

DDoS Prevention: Advancements to Protect Against a Familiar Adversary

The newly announced A10 Defend solution portfolio provides a holistic foundation for new and advanced DDoS protection with AI-enhanced zero-day detection capabilities, analytics, and proactive DDoS threat intelligence to protect against new and previously unknown attacks. A10 Defend integrates ML technologies to provide scalability, efficacy, and industry-specific threat intelligence. This comprehensive DDoS solution enables intelligent and automated detection, mitigation, orchestration, and proactivity in service provider and enterprise environments, including on-premises and cloud workloads.

A10’s security research team has extensive experience tracking the origins of DDoS attacks and their weapons, and we’ve applied that knowledge to build the A10 Defend portfolio. A10 Defend is a comprehensive suite of products designed to predict, identify, detect, and mitigate cybersecurity threats in the most demanding environments. It is the latest evolution of DDoS protection to help customers ensure maximum uptime and deliver optimal user and subscriber experiences.


This article was originally published on the A10 blog.

