The state of DDoS Weapons – Q4 2018 – Special report by A10 Security research

A10 Network’s recently released State of DDoS Weapons Report provides unique insights into Distributed Denial of Service (DDoS) attack techniques by tracking and taking inventory of the millions of DDoS weapons in the wild that can be exploited and used to launch attacks.

A10 Network’s recently released State of DDoS Weapons Report provides unique insights into Distributed Denial of Service (DDoS) attack techniques by tracking and taking inventory of the millions of DDoS weapons in the wild that can be exploited to launch attacks. The threat intelligence derived from our research is an invaluable resource that helps A10 Networks and our customers proactively strengthen their defences.

Why inventory DDoS weapons? Well, while you probably won’t know when your organization might be attacked, why, or who might instigate it, you can have advance notice of where an attack might come from. That’s because the first “D” in DDoS is “Distributed.” Unlike stealthy, obfuscated intrusions, distributed weapon attacks are noisy and commonly observed. The attack weapons are composed of malware infected DDoS-for-hire botnets and exposed servers whose vulnerabilities are exploited to reflect and amplify an attack.

Knowing how to defend against both known and previously unseen attacks is important. But equally important is to know where the attacker’s weapons are actually located. To that end, A10 Networks and our partner DDoS threat researchers analyse forensic data, tap networks, track bot-herder activities, and scan the Internet for weapon signatures. We then create an up-to-date threat inventory that includes millions of IP addresses behind the DDoS weapons. This weaponry roadmap enables defenders to take a proactive stance against attackers by focusing on the location of DDoS weapons and the BGP Autonomous System Number (ASN) that hosts them upstream on the Internet.

Actionable intelligence is made available by leveraging a weaponry inventory and dynamically applying it to create blacklists with millions of entries listing the suspect IPs. This methodology is very effective because it doesn’t matter what kind of attack is sourced from the weapon — If you know in advance based on its location that the weapon has a track record for launching attacks, policies can be developed to proactively block it. The proactive actions thus enabled are especially effective for DDoS defence.

Key DDOS Weapon Observations 2018

  • 22,811,159: DDoS weapons tracked by A10 Networks
  • 5,116,043: Open DNS resolvers armed and ready to join DNS reflected amplification attacks
  • China, USA, Italy: Top three countries hosting DDoS weapons
  • 467,040: DDoS weapons hosted in public clouds
  • USA, Italy, UK: Top three countries hosting IoT malware droppers

www.a10networks.com/resources/ebooks/state-ddos-weapons

About Security Buyer

Security Buyer is the leading authority in global security content, delivering expert news, in-depth articles, exclusive interviews, and industry insights across print, digital, and event platforms. Published 10 times a year, the magazine is a trusted resource for professionals seeking updates and analysis on the latest developments in the security sector.

To submit an article, or for sponsorship opportunities, please contact our team below.

Rebecca Spayne picture 2025

Rebecca Spayne

Managing
EDITOR

Georgina Turner image

Georgina Turner

Sales
Manager

Afua Akoto image - Security Buyer

Afua Akoto

Marketing Manager

Read the Latest Issue

Follow us on X

Follow us on X

Click Here

Follow us on LinkedIn

Follow us on LinkedIn

Click Here

Advertise here

Reach decision makers and amplify your marketing

Advertise here

Click Here

Related News

Copyright: Security Buyer

ASIS UK Launches “Security is You(th)” Hackathon

ASIS International UK has launched Security is You(th), an initiative designed to engage students and early-career professionals…
Image provided by Veeam

AI and Ransomware: Cutting Through the Hype

Rick Vanover, Vice President Product Strategy, Veeam discusses how It might be the great paradox: Artificial Intelligence (AI)….
Copyright: Security Buyer

AmiViz Partners with Titania

AmiViz announced a strategic distribution agreement with Titania. This collaboration underscores a shared commitment to enhancing…
Oil and Gas

Navigating Africa’s Oil & Gas Industry

A comprehensive analysis of security strategies in Africa’s oil and gas industry, covering physical, cyber, and remote surveillance measures.
blackhat

Black Hat Europe Starts Soon

Black Hat Europe starts Monday and now is the perfect time to start planning your experience. With a full lineup of Keynotes…

VIVOTEK’s All-in-One Software Boosts Operational Efficiency for Enterprises

As demand for high-efficiency security systems rises among large enterprises, the global leading…
Assa Abloy website

WTC Amsterdam enhances security and efficiency with digital access solution

The World Trade Center (WTC) Amsterdam, home to over 300 companies, has upgraded its building security with a streamlined, digital access solution from ASSA ABLOY.
John Maddison website

Fortinet launches Lacework FortiCNAPP to enhance cloud-native security

In an advancement in cybersecurity, Fortinet has announced Lacework FortiCNAPP, providing organisations with visibility and security.
GITEX Global 2024 website

GITEX GLOBAL 2024: AI revolution drives strategic tech innovation

GITEX GLOBAL 2024 concluded on Friday, showcasing artificial intelligence (AI) as a transformative force driving business and economic growth
Scroll to Top