Top eight DDoS attacks that organisations must avoid>
IT Wire – Eva Abergel
1. Burst attacks and advanced persistent denial-of-service (APDoS) campaigns include short bursts of high-volume attacks lasting 15-60 seconds at random intervals as well as attacks that can last weeks, involving multiple vectors aimed at all network layers simultaneously. 2. DNS attacks are exploits in which an attacker takes advantage of vulnerabilities in a domain name system (DNS), a service run by third parties and therefore more difficult to protect than an organisationâs own assets. 3. Dynamic content and CDN-based attacks are insidious. Dynamic content attacks further exploit CDN-based protection by overloading origin servers with requests for noncached content that the CDN nodes simply pass along. 4. SSL/TLS and encrypted attacks use SSL protocols to mask and further complicate attack traffic in both network and application-level threats 5. IoT botnets can be helpful or otherwise. While robotic process automation and other good bots help accelerate productivity and business processes, such as data collection and decision-making, malicious bots can create a large-scale DDoS attack on your network and services. Organisations continue to rely on conventional security solutions to assess bot traffic, but todayâs sophisticated bad bots can mimic human behaviour and bypass CAPTCHAs and other older technologies and heuristics.
6. Layer 7 application DoS attacks target resource exhaustion by using the well-known Hypertext Transfer Protocol (HTTP) as well as HTTPS, SMTP, FTP, VOIP and other application protocols that possess exploitable weaknesses, allowing for DoS attacks. 8. Reflection/amplification attacks take advantage of a disparity of request and response ratios in certain technical protocols. The attackers send packets to the reflector servers with a source IP address spoofed to their victimâs IP, indirectly overwhelming the victim with the response packets.
Link: https://itwire.com/guest-articles/guest-opinion/top-eight-ddos-attacks-that-organisations-must-avoid.html