Business Wire

Neustar highlights rise in ransom-related DDoS attacks and greater use of existing attack vectors

Share

Neustar, Inc., a global information services and technology company and leader in identity resolution, has today published its report entitled ‘Cyber Threats and Trends: Pandemic Style’, detailing the security risks faced by companies as the COVID-19 pandemic accelerated the digital revolution.

This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20210128005015/en/

To view this piece of content from mms.businesswire.com, please give your consent at the top of this page.

Figure 1: Percentage change in number of attacks by size category, 2020 vs. 2019 (Graphic: Business Wire)

Informed by data from Neustar’s Security Operations Center (SOC), the report reveals a 154 percent increase in the number of attacks between 2019 and 2020, with growth in ransom-related DDoS (RDDoS) attacks and a rise in use of existing attack vectors, including web applications. The report also provides key details around the amount, size, duration and intensity of DDoS attacks throughout 2020 to keep cyber security professionals informed.

DDoS ransom attacks on the rise

Primarily, the report highlights a rise in ransom-related DDoS attacks, by which extortion demands are issued against organisations. These attacks grew in persistence and sophistication, as well as by target, compared to previous years.

While RDDoS is not a new phenomenon for many online industries, attackers have recently set their sights on organisations across a wider variety of sectors including financial services, government and telecommunications.

One reason for the adoption of DDoS as a ransom vector, as opposed to using malware, is the ease with which such attacks can be carried out. Infecting an organisation’s networks with malware or ransomware takes time and careful planning. Launching a DDoS attack, in comparison, has become relatively simple and has the added benefit of being harder to trace back to its origin.

2020 saw bad actors posing as prolific threat groups such as Fancy Bear in ransom notes – capitalising on fear of high-profile nation-state attacks – and threatening DDoS attacks unless the ransom was paid within a specific time frame.

“Organisations should avoid paying these ransoms,” said Michael Kaczmarek, Vice President of Security Product Management at Neustar. “Instead, any attack should be reported to the nearest law enforcement field office, as the information may help identify the attackers and ultimately hold them accountable. Beyond this, organisations can prepare by setting up a robust DDoS mitigation strategy, including assessing the risks, evaluating available solutions, considering mitigation strategies and keeping their plan and provider up to date.”

Existing attack vectors

While 2020 did not see any dramatically new attack vectors emerge, there was certainly a greater use of existing ones like web applications, which were the top targeted hacking vector in 2020.

Numerous built-in access protocols, which have been increasingly exploited as attack vectors, came up again in 2020. In fact, the FBI issued an alert in July warning that common network protocols like ARMS (Apple Remote Management Services), WS-DD (Web Services Dynamic Discovery) and CoAP (Constrained Application Protocol) were being abused by hackers to conduct DDoS reflection and amplification attacks – while cautioning that disabling them could cause a loss in business productivity and connectivity.

In response to this heightened threat level, the results of the latest Neustar International Security Council (NISC) survey indicated that more cyber security professionals are outsourcing DDoS mitigation, having increased by a full percentage point in the last quarter alone.

DNS attacks

In 2020, Neustar also saw an increase in attacks on the Domain Name System itself — or what look like attacks, as bad actors abuse the system.

“Acting as the Internet’s address book and backbone of today’s digital services, it’s unsurprising that DNS is an increasingly appealing target for malicious actors, particularly as more consumers turn to websites during peak online shopping periods,” said Rodney Joffe, Senior Vice President and Fellow, Neustar.

Recent NISC survey data supports this trend, with three in five respondents in a December 2020 study reporting they had fallen victim to a DNS attack in the last year. Even more concerning, over 70 percent of organisations admitted to having reservations about their awareness of, and ability to respond to, DNS attacks.

The total number of DDoS attacks Neustar mitigated on behalf of its customers in 2020 increased by more than two and a half times over 2019. The largest attack size observed during this time was also the largest that Neustar has ever mitigated and, at 1.17 Terabits per second (Tbps), among the largest ever seen on the Internet. The longest duration for a single attack was also the longest Neustar has mitigated, at 5 days and 18 hours.

A copy of the Neustar report is available here.

-ENDS-

About Neustar

Neustar is an information services and technology company and a leader in identity resolution providing the data and technology that enables trusted connections between companies and people at the moments that matter most. Neustar offers industry-leading solutions in Marketing, Risk, Communications and Security that responsibly connect data on people, devices and locations, continuously corroborated through billions of transactions. Neustar serves more than 8,000 clients worldwide, including 60 of the Fortune 100. Learn how your company can benefit from the power of trusted connections here: https://www.home.neustar.

# # #

To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.

Contact information

Jenny Morris
Hotwire for Neustar
+44 (0)7393465529
neustaruk@hotwireglobal.com

About Business Wire

Business Wire
Business Wire
24 Martin Lane
EC4R 0DR London

+44 20 7626 1982http://www.businesswire.co.uk

(c) 2018 Business Wire, Inc., All rights reserved.

Business Wire, a Berkshire Hathaway company, is the global leader in multiplatform press release distribution.

Subscribe to releases from Business Wire

Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.

Latest releases from Business Wire

H.I.G. Capital Announces the Sale of DGS S.p.A.11.6.2024 12:00:00 CEST | Press release

H.I.G. Capital (“H.I.G.”), a leading global alternative investment firm with $62 billion of capital under management, is pleased to announce that an affiliate has signed a definitive agreement to sell its portfolio company, DGS S.p.A. (“DGS” or the “Group”), a leading firm in the Italian Information Technology market, to DGS Co-Founders and management team in partnership with ICG, a global alternative asset manager. Since its inception in 1997, DGShas supported blue-chip customers in the design, integration, and maintenance of complex IT systems, with a specialization in digital transformation and cybersecurity services. The Group currently has over 1,900 employees, revenues of approximately €300 million, and maintains a group of highly loyal clientele. During H.I.G.’s ownership, DGS has tripled in size and consolidated its position as a leading Italian firm in cybersecurity services and digital transformation. DGS offers its clients sophisticated and proprietary digital transformation

Evertas Names Nick Selby Head of European Underwriting11.6.2024 12:00:00 CEST | Press release

Evertas, the world’s first crypto insurance company, has named Nick Selby as its new Head of European Underwriting. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20240611141887/en/ Nick Selby, Executive Vice President and Head of European Underwriting at Evertas (Photo: Business Wire) Selby, an accomplished information and physical security professional, brings two decades of expertise in public and private sector information security, physical security, and complex incident handling, as well as seven years of experience leading teams securing billions of dollars in cryptoassets. Previously, his roles included VP of the Software Assurance Practice at Trail of Bits, Chief Security Officer at Paxos Trust Company, and Director of Cyber Intelligence and Investigations at the NYPD Intelligence Bureau. “Nick is an extremely valuable addition to our European team,” said Evertas CEO and Co-Founder J. Gdanski. “His public and private

Owlet utvider globalt fotavtrykk med lanseringen av medisinsk-sertifisert Dream Sock™ i Storbritannia og over hele Europa11.6.2024 11:00:00 CEST | Pressemelding

Owlet, Inc. («Owlet» or the «Company») (NYSE:OWLT), pioneren innen smart spedbarnsovervåking, kunngjør i dag den britiske og europeiske lanseringen av Dream Sock. Dette er en smart babymonitor med levende helseavlesninger og varsler for friske spedbarn mellom 0-18 måneder og 2,5-13,6 kg. Dette innovative medisinske utstyret gir foreldre helse og viktig informasjon i sanntid, noe som gir uovertruffen trygghet. Denne pressemeldingen inneholder multimedia. Se hele pressemeldingen her: https://www.businesswire.com/news/home/20240611820341/no/ (Photo: Business Wire) «Vi er svært stolte over å lansere Dream Sock til omsorgspersoner over hele Storbritannia og Europa og gi millioner av foreldre mer trygghet mens babyen sover,» sa Kurt Workman, Owlets administrerende direktør og medgründer. «Dream Sock er nå et globalt produkt som er anerkjent som medisinsk nøyaktig og trygt, etter å ha gjennomgått regulatoriske autorisasjoner og sertifiseringer innenfor flere geografier. I dag er misjonen vår

V-Nova Surpasses 1000 Patent Milestone in Media Technology Innovation11.6.2024 10:00:00 CEST | Press release

V-Nova, a leading provider of data compression solutions, video compression technology, XR technology, AI acceleration and parallel processing for a multitude of industries including media and entertainment, today announced its milestone achievement of 1000 active technology patents. This accomplishment underscores V-Nova’s dedication to research and development and its commitment to protecting its intellectual property globally. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20240611724561/en/ V-Nova’s patent portfolio spans more than 50 different jurisdictions. Including over 400 patents in Europe, over 200 in the Americas, over 100 in the United States specifically, and over 200 in Asia. V-Nova forged new directions in data processing to enhance digital experiences, maximize efficiency, reduce costs, and increase sustainability. The company leads the way with key international data compression standards for the video indust

Alipay+ Reveals Top Scorer Trophy Design for UEFA EURO 2024™11.6.2024 09:24:00 CEST | Press release

Alipay+, a suite of cross-border mobile payment and digitalization technology solutions operated by Ant International and an Official Partner of UEFA EURO 2024™, today revealed the trophy that will be awarded to the most prolific marksman at the UEFA EURO 2024™ finale on July 14 in Berlin, Germany. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20240610328619/en/ The UEFA Top Scorer Trophy presented by Alipay+ is unveiled for UEFA EURO 2024™ (Photo: Business Wire) Sculpted in the shape of the Chinese character “支” (pronounced zhi, and meaning payment as well as support), the trophy reflects Alipay+’s dedication to supporting consumers to enjoy seamless payment and a broad choice of deals using their preferred payment methods while traveling abroad. The character also resembles the fleeting moment of a barefooted striker poised to shoot, evoking the original beauty and power of football – a game that united people across the wo

HiddenA line styled icon from Orion Icon Library.Eye