DDoSers Shift to Smaller Attacks

By Sony T
6 Min Read

If you’re not familiar with a DDoS (Distributed Denial of Service) attack, consider yourself among the lucky ones. An increasingly common form of cyber attack that has brought down the websites and online services of some of the biggest companies in the world, DDoS attacks work by bombarding targets with enormous amounts of fraudulent traffic. Like directing large quantities of real world traffic down a street too narrow to handle it, the result is a gridlock that stops legitimate traffic from reaching its target.


For those without the right DDoS protection services, the results can be disastrous.

DDoS attacks have been a fixture of cyber attacks throughout the twenty-first century thus far. However, recently there has been a shift to smaller attacks, referred to as a bit-and-piece DDoS attack.

Smaller isn’t better

Unfortunately, if a smaller attack sounds less serious, think again! Low-bandwidth distributed DDoS attacks are typically smaller in size, measuring in at less than 1 Gbps (gigabyte per second). They work by drip-feeding junk traffic into a big IP pool, making it tough on targets by clogging them up with, literally, bits and pieces of traffic from various different IPs. In essence, they spread their junk traffic out across huge numbers of IP addresses, injecting small quantities of junk into the genuine traffic that flows from these IPs.

Despite their relatively smaller size, they are still sufficient to bring down services and websites targeted using the strategy of high packet-rate loads consisting of smaller volumes of traffic. While not measuring up to the biggest DDoS attacks — which can tip the scale at upward of 2 Gbps — bit-and-piece DDoS attacks are able to evade many DDoS mitigation systems for detecting such attacks. Because there is so little junk traffic per address, they are not detected — like counterfeit or other illicit goods being smuggled as part of a larger genuine shipment.

This poses a massive risk for targets, since it means many of their existing measures, if they have not taken the necessary precautions, may not be up to the job. Even very small attacks, such as in the vicinity of tens of megabytes per second, can have an impact by being used for continued, sustained attacks.

Attacks increase

News about this next generation of DDoS attacks comes from a recent report claiming that low-bandwidth distributed DDoS attacks ramped up by a massive 233 percent during the first half of 2021. Virtually all of these attacks were under 1 Gbps — and many much smaller than that. Due to the unique attack profile, these bit-and-piece attacks are able to evade signature and threshold-based DDoS detection systems.

DDoS attacks have only become more commonplace and popular (with attackers, not victims) during the pandemic. As the world has relied more than ever on the connected infrastructure provided by the internet — for everything from remote work to entertainment to retail — efforts by bad actors to try and bring down these internet services have increased significantly. The impact of a DDoS attack on a company can range from lost earnings (during the outage itself) to longer term reputational damage.

DDoS attacks are not going to go away any time soon. As demonstrated by the rise of bit-and-piece attacks, they continue to evolve in ways that allow attackers to slip under the radar and execute successful attacks. The rise of DDoS-for-hire services — which allow would-be attackers to hire a botnet for executing an attack, the way users might hire a movie on Apple’s TV app — simply adds to the problem. Such attacks can be rented for as little as a few dollars at a time, lowering the barrier to entry.

Use the best tools available

It’s for this reason that it’s crucial that organizations deploy the best, and most robust, DDoS tools that are available to offer protection. Traditional measures that might have safeguarded against threats just a few years ago can no longer be relied upon to work in every context. DDoSers are now using new tactics to evade legacy anti-DDoS solutions. Fortunately, there are tools that can help.

Anti-DDoS tools are able to use various intelligent means to monitor for fraudulent traffic, even when it might be obscured. By doing this, it’s possible to identify impending DDoS attacks and block them, all the while continuing to let genuine traffic through to its destination. There are also services referred to as DDoS deflation which are able to help absorb DDoS attacks of different sizes, without them having the detrimental impact they seek.

DDoS attacks can cover a wide range of approaches, all with the same ultimate goal. However, by availing yourself of the right protective measures, it’s possible to safeguard against all of them. It’s something that’s likely to earn you the gratitude of your customers — and anyone else who relies on what it is that you have to offer.

Share This Article
By Sony T
Sony is a passionate bloggers writes on Futuristic technologies ...
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *