Black Lotus, a provider of distributed denial of service (DDoS) protection, has issued a warning that despite a significant drop in network time protocol distributed reflection denial-of-service (NTP DrDoS) attacks in 2014, traditional, tried-and-true multi-vector attacks against servers and websites have resurfaced as the most frequent, severe threat to enterprises and service providers. You should make sure you are protecting your clients against SYN flood attacks, which, although smaller in size, are highly effective and difficult to stop without purpose-built commercial denial of service (DDoS) mitigation hardware or services.
Black Lotus compiles its quarterly threat reports by drawing on the latest attack data from its network logs and analyzing the results for trends in attack size, duration, method, source and other characteristics. The report’s findings show that:
“Since patched systems now make it easier to combat NTP threats, recent attacks have drastically decreased in volume when malicious users were unable to use a sufficient quantity of vulnerable systems in amplification,” said Jeffrey Lyon, co-founder of Black Lotus, adding, “however, enterprises should evaluate their protection against multi-vector attacks, since attackers can use SYN floods and application layer attacks to inundate networks, cause outages or disable serving content to legitimate users even without generating large bit volumes of traffic.”