Lumen Technologies (NYSE: LUMN) has released a study on Distributed Denial of Service (DDoS) mitigations for Q1 of 2023, which indicates an increase in sophisticated and complicated DDoS attacks. The study includes data from Lumen’s partner, ThreatX, which provides API and application protection services. By analyzing DDoS attacks mitigated by Lumen and application requests prevented by ThreatX, the report would offer a complete picture of the total threat landscape.
According to Peter Brecl, Lumen’s Director of Product Management for DDoS Mitigation and Application Security, businesses and organizations have been expanding their digital footprints at a faster pace in recent years, which gives threat actors more opportunities to conduct attacks. The study published by Lumen indicates that deploying a comprehensive solution with network protection, application-layer protection, and application acceleration capabilities, including DDoS mitigation, API safeguards, Web Application Firewalls, and Bot Risk Management, is the only way to safeguard that digital presence.
The study highlights the following key findings:
- An increase in attacks using DNS to torment victims, with DNS amplification used in 26% of single-vector assaults in the first quarter, up 417% from the corresponding period in 2013
- A sophisticated DNS amplification assault known as a ‘DNS water torture attack’ was the most frequent attack method
- Multi-vector mitigations that are complex, with a record-breaking six separate attack vectors, including DNS amplification, ICMP, TCP RST, TCP SYN/ACK amplification, and UDP amplification, being prevented by Lumen in Q1
- A rise in DDoS attack activity during American vacations, with Martin Luther King Jr. Day being the busiest holiday for threat actors in Q1
- A focus on bot defense, with ThreatX banning 25 billion requests from applications in Q1, with more than 30% of the blocked traffic being made up of bots
The telecom sector is still a top target, with 85% of the 1,000 largest DDoS attacks Lumen stopped in Q1 being directed at the telecom sector.
According to Jeremy Ventura, ThreatX’s field CISO and Director of Security Strategy, attacks against customers’ APIs and applications are becoming more voluminous and complex, with very big botnets and a variety of approaches being employed by threat actors. Mr. Ventura emphasizes the need for a thorough picture of the adversary and their strategies to more easily recognize dangers that need to be stopped in real-time.
The study indicates that businesses and organizations need to remain vigilant against DDoS attacks and deploy comprehensive solutions to safeguard their digital presence. Lumen’s API and application protection services, along with ThreatX’s services, can provide the necessary protection against DDoS attacks, botnets, and other malicious activities.
