Security researchers have uncovered a new attack vector that has powered the largest Distributed Denial of Service (DDoS) attack recorded this year.
In a post sharing details about the growing number of large-scale DDoS attacks in 2021, CDN and cybersecurity services provider Akamai noted the use of an obscure networking protocol called Datagram Congestion Control Protocol (DCCP) or protocol 33.
“Threat actors abuse protocol 33 in an attempt to bypass defenses focused on traditional Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) traffic flows,” noted Akamai’s Tom Emmons.
- We've put together a list of the best endpoint protection software
- Here’s a list of the best web hosting services
- Check our roundup of the best cloud hosting providers
Creative attack vectors
The attack forced Akamai to look into the protocol to offer mitigation strategies.
Chad Seaman, team lead of Akamai’s security intelligence and threat research team shares that while DCCP is similar to TCP it offers far less features in order to reduce processing overhead. In the observed attacks, the perpetrators SYN flood the target network with DCCP-Request packets.
The traffic in the most recent attack that used protocol 33 peaked at more than 800Gbps notes Emmons. Aimed at a European gambling company, the attack was the biggest and most complex Akamai has witnessed and marks the revival of DDoS ransomware attacks.
Emmons believes that attackers are doubling down on DDoS efforts with the first three months of 2021 alone witnessing more attacks over 50 Gbps than were witnessed in the whole of 2019. He adds that attacks of this size can virtually take down any network they target, even websites hosted on dedicated servers.
“The bottom line: Attackers are constantly probing for new and creative ways to launch DDoS attacks, and DCCP abuse is the latest example of such criminal pursuits,” observes Emmons.
- Here's our choice of the best malware removal software on the market
Via: BleepingComputer
