This new technique allowed cybercriminals to launch the largest DDoS attack ever

Security researchers have uncovered a new attack vector that has powered the largest Distributed Denial of Service (DDoS) attack recorded this year.

In a post sharing details about the growing number of large-scale DDoS attacks in 2021, CDN and cybersecurity services provider Akamai noted the use of an obscure networking protocol called Datagram Congestion Control Protocol (DCCP) or protocol 33.

“Threat actors abuse protocol 33 in an attempt to bypass defenses focused on traditional Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) traffic flows,” noted Akamai’s Tom Emmons.

Creative attack vectors

The attack forced Akamai to look into the protocol to offer mitigation strategies. 

Chad Seaman, team lead of Akamai’s security intelligence and threat research team, shares that while DCCP is similar to TCP, it offers far fewer features in order to reduce processing overhead. In the observed attacks, the perpetrators SYN flood the target network with DCCP-Request packets.
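The following is an added example, not code from Akamai or the original article: a defender-side classifier that picks IP protocol 33 packets out of raw IPv4 captures, reads the DCCP packet type from the generic header (RFC 4340), and counts DCCP-Request packets per destination. The function names, the threshold, and the sample packets (built with documentation addresses) are assumptions made for illustration.

```python
import ipaddress
import struct
from collections import Counter

IPPROTO_DCCP = 33   # IANA protocol number for DCCP
DCCP_REQUEST = 0    # packet type 0 in the DCCP generic header (RFC 4340)

def classify(packet: bytes):
    """Return (dst_ip, dccp_type) for a first-fragment IPv4 DCCP packet, else None."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4
    frag_offset = struct.unpack("!H", packet[6:8])[0] & 0x1FFF
    if ihl < 20 or packet[9] != IPPROTO_DCCP or frag_offset != 0:
        return None                      # later fragments carry no DCCP header
    dccp = packet[ihl:]
    if len(dccp) < 12:                   # shortest generic header (X=0) is 12 bytes
        return None
    dccp_type = (dccp[8] >> 1) & 0x0F    # byte 8 = Res(3 bits) | Type(4) | X(1)
    return str(ipaddress.IPv4Address(packet[16:20])), dccp_type

def request_flood_targets(packets, threshold):
    """Destinations that received at least `threshold` DCCP-Request packets.
    Assumption: `packets` is one observation window from a tap or flow export."""
    hits = Counter()
    for pkt in packets:
        info = classify(pkt)
        if info and info[1] == DCCP_REQUEST:
            hits[info[0]] += 1
    return {dst: n for dst, n in hits.items() if n >= threshold}

def sample_packet(src, dst, proto, dccp_type=DCCP_REQUEST):
    """Constructed packet: 20-byte IPv4 header + 20-byte DCCP-style header."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, proto, 0,
                     ipaddress.IPv4Address(src).packed,
                     ipaddress.IPv4Address(dst).packed)
    # ports, data offset (5 words), CCVal/CsCov, checksum, Res|Type|X (X=1),
    # then reserved + 48-bit sequence number (7 bytes) and service code (4 bytes)
    l4 = struct.pack("!HHBBHB", 40000, 443, 5, 0, 0, (dccp_type << 1) | 1) + bytes(11)
    return ip + l4

# Constructed window: five DCCP-Requests to one host, one TCP packet, one DCCP-Data.
SAMPLE = [sample_packet(f"198.51.100.{i}", "203.0.113.10", IPPROTO_DCCP)
          for i in range(1, 6)]
SAMPLE.append(sample_packet("198.51.100.9", "203.0.113.10", 6))
SAMPLE.append(sample_packet("198.51.100.9", "203.0.113.20", IPPROTO_DCCP, dccp_type=2))

if __name__ == "__main__":
    print(request_flood_targets(SAMPLE, threshold=5))
```

On networks that run no DCCP services, any sustained protocol 33 traffic is itself worth alerting on, so the threshold can be set very low.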

The traffic in the most recent attack that used protocol 33 peaked at more than 800 Gbps, notes Emmons. Aimed at a European gambling company, the attack was the biggest and most complex Akamai has witnessed and marks the revival of DDoS ransomware attacks.

Emmons believes that attackers are doubling down on DDoS efforts, with the first three months of 2021 alone witnessing more attacks over 50 Gbps than were witnessed in the whole of 2019. He adds that attacks of this size can take down virtually any network they target, even websites hosted on dedicated servers.

“The bottom line: Attackers are constantly probing for new and creative ways to launch DDoS attacks, and DCCP abuse is the latest example of such criminal pursuits,” observes Emmons.

Via: BleepingComputer

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.