Sophistication
Sustained Floods Peak at 70 Gbps and More Than 30 Million PPS
HOLLYWOOD, Fla., Oct. 1, 2012 (GLOBE NEWSWIRE) -- Prolexic
Technologies, the global leader in distributed denial of service (DDoS)
protection services, today warned of an escalating threat from
unusually large and highly sophisticated DDoS attacks.
The DDoS attacks have been launched in the last week using the
so-called itsoknoproblembro DDoS toolkit. The malicious actor(s) behind
the attacks have used this potent tool in conjunction with
sophisticated attack methods that clearly demonstrate knowledge of
common DDoS mitigation methods. The attack signatures are extremely
complex and Prolexic has recorded sustained floods peaking at 70 Gbps
and more than 30 million pps against some of its customers. Most
mitigation providers would struggle to combat DDoS attacks with these
characteristics.
"What we are experiencing is a dramatic uptick in the size and
sophistication of DDoS attacks to a level not previously observed,"
said Prolexic Chief Executive Officer Scott Hammack. "Only a handful of
companies around the world could survive a hit of 70 Gbps in
conjunction with the complex blend of attack vectors we have
witnessed."
The itsoknoproblembro toolkit includes multiple infrastructure and
application-layer attack vectors, such as SYN floods, that can
simultaneously attack multiple destination ports and targets, as well
as ICMP, UDP and SSL encrypted attack types. A common characteristic of
the attacks is a large UDP flood targeting DNS infrastructures.
Uniquely, the attacking botnet contains many legitimate (non-spoofed)
IP addresses, enabling the attack to bypass most anti-spoofing
mechanisms.
"The size and sophistication of this threat has created a high-alert
within various industries and with good reason," said Hammack. "I'm
proud to say we've successfully mitigated multiple itsoknoproblembro
campaigns throughout the year, even when attack vectors have
continuously modulated during the course of the assault."
The Prolexic Security Engineering & Response Team (PLXsert) has been
monitoring the itsoknoproblembro suite and issued an internal threat
advisory to Prolexic customers earlier this month. A case study with
more details about the toolkit will be included in Prolexic's quarterly
attack report, which will be published in mid-October, along with a
public threat advisory that includes fingerprinted attack signatures
for recommended detection and mitigation strategies. The latest threat
advisories are available to the public at
www.prolexic.com/threatadvisories.
About the Prolexic Security Engineering & Response Team (PLXsert)
PLXsert monitors malicious cyber threats globally and analyzes DDoS
attacks using proprietary techniques and equipment. Through data
forensics and post attack analysis, PLXsert is able to build a global
view of DDoS attacks, which is shared with customers. By identifying
the sources and associated attributes of individual attacks, the
PLXsert team helps organizations adopt best practices and make more
informed, proactive decisions about DDoS threats.
Details of Prolexic's mitigation activities and insights into the
latest tactics, types, targets and origins of global DDoS attacks are
provided in quarterly reports published by the company. A complimentary
copy of Prolexic's Q3 2012 Global DDoS Attack Report will be available
shortly at www.prolexic.com/attackreports.
About Prolexic
Prolexic is the world's largest, most trusted Distributed Denial of
Service (DDoS) mitigation provider. Able to absorb the largest and most
complex attacks ever launched, Prolexic restores mission-critical
Internet-facing infrastructures for global enterprises and government
agencies within minutes. Ten of the world's largest banks and the
leading companies in e-Commerce, SaaS, payment processing,
travel/hospitality, gaming and other at-risk industries rely on
Prolexic to protect their businesses. Founded in 2003 as the world's
first in-the-cloud DDoS mitigation platform, Prolexic is headquartered
in Hollywood, Florida and has scrubbing centers located in the
Americas, Europe and Asia. To learn more about how Prolexic can stop
DDoS attacks and protect your business, please visit www.prolexic.com,
follow us on LinkedIn, Facebook and Google+ or follow @Prolexic on
Twitter.