Security researchers have uncovered a new attack vector that has powered the largest Distributed Denial of Service (DDoS) attack recorded this year.
In a post sharing details about the growing number of large-scale DDoS attacks in 2021, CDN and cybersecurity services provider Akamai noted the use of an obscure networking protocol called Datagram Congestion Control Protocol (DCCP), or protocol 33.
“Threat actors abuse protocol 33 in an attempt to bypass defenses focused on traditional Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) traffic flows,” noted Akamai’s Tom Emmons.
Creative attack vectors
The attack forced Akamai to look into the protocol to offer mitigation strategies.
Chad Seaman, team lead of Akamai’s security intelligence and threat research team, shares that while DCCP is similar to TCP, it offers far fewer features in order to reduce processing overhead. In the observed attacks, the perpetrators SYN-flood the target network with DCCP-Request packets.
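An added example (not code from Akamai or the original article) of why TCP/UDP-only monitoring misses this traffic: it classifies raw IPv4 packets by protocol number and counts DCCP-Request packets (type 0 in RFC 4340) per destination. The function names, the threshold and the sample packets are assumptions constructed for illustration.

```python
import struct
from collections import Counter

IPPROTO_DCCP = 33      # IANA protocol number for DCCP ("protocol 33")
DCCP_REQUEST = 0       # DCCP packet type 0 = DCCP-Request (RFC 4340)
DCCP_MIN_HEADER = 12   # shortest DCCP generic header (X=0)

def classify(packet: bytes):
    """Return (dst_ip, label) for one raw IPv4 packet, or None if unparsable."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or len(packet) < ihl:
        return None
    proto = packet[9]
    dst = ".".join(str(b) for b in packet[16:20])
    if proto != IPPROTO_DCCP:
        return dst, {6: "tcp", 17: "udp"}.get(proto, f"proto-{proto}")
    if struct.unpack("!H", packet[6:8])[0] & 0x1FFF:
        return dst, "dccp-fragment"   # non-first fragment: no DCCP header here
    dccp = packet[ihl:]
    if len(dccp) < DCCP_MIN_HEADER:
        return dst, "dccp-truncated"
    # Byte 8 of the DCCP header: 3 reserved bits, 4-bit Type, 1-bit X.
    ptype = (dccp[8] >> 1) & 0x0F
    return dst, ("dccp-request" if ptype == DCCP_REQUEST else "dccp-other")

def flood_suspects(packets, threshold):
    """Destinations that received at least `threshold` DCCP-Request packets."""
    counts = Counter()
    for pkt in packets:
        result = classify(pkt)
        if result and result[1] == "dccp-request":
            counts[result[0]] += 1
    return {dst: n for dst, n in counts.items() if n >= threshold}

def build_ipv4(proto, src, dst, payload):
    """Constructed sample packet; IP checksum left at zero and not validated."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                       proto, 0, bytes(src), bytes(dst)) + payload

def build_dccp(ptype, sport=40000, dport=80):
    """Constructed 16-byte DCCP generic header with X=1 and the given type."""
    return struct.pack("!HHBBHBBHI", sport, dport, 4, 0, 0, (ptype << 1) | 1, 0, 0, 1)

# Constructed traffic using documentation-range addresses, not real observations.
VICTIM, OTHER = (203, 0, 113, 10), (203, 0, 113, 20)
SAMPLE = ([build_ipv4(33, (198, 51, 100, i), VICTIM, build_dccp(0)) for i in range(1, 6)]
          + [build_ipv4(33, (198, 51, 100, 9), OTHER, build_dccp(2)),
             build_ipv4(6, (198, 51, 100, 9), VICTIM, b"\x00" * 20)])
```

In practice the threshold would be a per-interval rate tuned to the network's baseline, which for most environments is zero DCCP traffic.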
The traffic in the most recent attack that used protocol 33 peaked at more than 800 Gbps, notes Emmons. Aimed at a European gambling company, the attack was the biggest and most complex Akamai has witnessed and marks the revival of DDoS ransomware attacks.
Emmons believes that attackers are doubling down on DDoS efforts, with the first three months of 2021 alone witnessing more attacks over 50 Gbps than were witnessed in the whole of 2019. He adds that attacks of this size can take down virtually any network they target, even websites hosted on dedicated servers.
“The bottom line: Attackers are constantly probing for new and creative ways to launch DDoS attacks, and DCCP abuse is the latest example of such criminal pursuits,” observes Emmons.