This new technique allowed cybercriminals to launch the largest DDoS attack ever
Volumetric DDoS attacks are on the rise
Security researchers have uncovered a new attack vector that has powered the largest Distributed Denial of Service (DDoS) attack recorded this year.
In a post sharing details about the growing number of large-scale DDoS attacks in 2021, CDN and cybersecurity services provider Akamai noted the use of an obscure networking protocol called Datagram Congestion Control Protocol (DCCP) or protocol 33.
“Threat actors abuse protocol 33 in an attempt to bypass defenses focused on traditional Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) traffic flows,” noted Akamai’s Tom Emmons.
Creative attack vectors
The attack forced Akamai to look into the protocol to offer mitigation strategies.
Chad Seaman, team lead of Akamai’s security intelligence and threat research team, shares that while DCCP is similar to TCP, it offers far fewer features in order to reduce processing overhead. In the observed attacks, the perpetrators flood the target network with DCCP-Request packets, in the manner of a SYN flood.
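A defender-side illustration of the point above, as an added example that is not from Akamai or the original article: it parses raw IPv4 packets, picks out protocol 33, and counts DCCP-Request packets (type 0 in RFC 4340) per destination, which is the visibility a TCP/UDP-only filter lacks. The function names, the threshold and the sample packet builder are assumptions constructed for this example.

```python
import socket
import struct
from collections import Counter

IPPROTO_DCCP = 33          # IANA protocol number for DCCP ("protocol 33")
DCCP_TYPE_REQUEST = 0      # RFC 4340: packet type 0 is DCCP-Request


def parse_dccp_request(packet: bytes):
    """Return (src_ip, dst_ip, dst_port) for an IPv4 DCCP-Request, else None."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4            # IPv4 header length in bytes
    if ihl < 20 or packet[9] != IPPROTO_DCCP:
        return None
    dccp = packet[ihl:]
    if len(dccp) < 12:                      # shortest DCCP generic header (X=0)
        return None
    _sport, dport = struct.unpack_from("!HH", dccp, 0)
    pkt_type = (dccp[8] >> 1) & 0x0F        # byte 8 = Res(3) | Type(4) | X(1)
    if pkt_type != DCCP_TYPE_REQUEST:
        return None
    return socket.inet_ntoa(packet[12:16]), socket.inet_ntoa(packet[16:20]), dport


def request_counts(packets):
    """Count DCCP-Request packets per destination IP in a capture sample."""
    counts = Counter()
    for pkt in packets:
        hit = parse_dccp_request(pkt)
        if hit:
            counts[hit[1]] += 1
    return counts


def flooded_destinations(packets, threshold):
    """Destinations that received at least `threshold` DCCP-Requests (assumed cutoff)."""
    return sorted(ip for ip, n in request_counts(packets).items() if n >= threshold)


def build_sample(src, dst, proto=IPPROTO_DCCP, pkt_type=DCCP_TYPE_REQUEST):
    """Constructed test bytes: 20-byte IPv4 header + 16-byte DCCP header + service code."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    dccp = struct.pack("!HHBBHB", 40000, 80, 5, 0, 0, (pkt_type << 1) | 1) + bytes(7)
    return ip + dccp + bytes(4)
```

In practice the packets would come from a capture file or a mirrored interface, and the threshold would be set against the site's normal DCCP baseline, which for most networks is close to zero.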
The traffic in the most recent attack that used protocol 33 peaked at more than 800 Gbps, notes Emmons. Aimed at a European gambling company, the attack was the biggest and most complex Akamai has witnessed and marks the revival of DDoS ransomware attacks.
Emmons believes that attackers are doubling down on DDoS efforts, with the first three months of 2021 alone witnessing more attacks over 50 Gbps than were witnessed in the whole of 2019. He adds that attacks of this size can take down virtually any network they target, even websites hosted on dedicated servers.
“The bottom line: Attackers are constantly probing for new and creative ways to launch DDoS attacks, and DCCP abuse is the latest example of such criminal pursuits,” observes Emmons.
Via: BleepingComputer
With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.