NEUSTAR
Neustar , Inc., a global information services and technology company and leader in identity resolution, announced that its Security Operations Center (SOC) saw a 168% increase in distributed denial-of-service (DDoS) attacks in Q4 2019, compared with Q4 2018, and a 180% increase overall in 2019 vs. 2018. According to Neustar’s latest cyber threats and trends report, released today, the company saw DDoS attacks across all size categories increase in 2019, with attacks sized 5 Gbps and below seeing the largest growth. These small-scale attacks made up more than three quarters of all attacks the company mitigated on behalf of its customers in 2019.
DDoS attacks taking varied forms
In 2019, the largest threat Neustar mitigated, at 587 gigabits per second (Gbps), was 31% larger than the largest attack of 2018, while the maximum attack intensity observed in 2019, 343 million packets per second (Mpps), was 252% higher than that of the most intense attack seen in 2018. However, despite these higher peaks, the average attack size (12 Gbps) and intensity (3 Mpps) remained consistent year over year. The longest single, uninterrupted attack experienced in 2019 lasted three days, 13 hours and eight minutes.
Though the number of attacks increased significantly across all size categories, small-scale attacks (5 Gbps and below) again saw the largest growth in 2019, continuing the trend from the previous year. The combination of DDoS-for-hire and botnet rental services has made DDoS attacks much easier to execute, but the fact that perpetrators seem to be in many cases choosing to engage in small-scale attacks suggests that their goal may often be something other than taking a site completely offline.
“Large, headline-making DDoS attacks do still take place, but many cybersecurity professionals believe that smaller attacks are being used simply to degrade site performance or as a smokescreen for other forms of cybercrime, such as data theft or network infiltration, which the perpetrator can execute more easily while the target’s security team is busy fighting a DDoS attack,” said Rodney Joffe, senior vice president, senior technologist and fellow at Neustar. “Furthermore, with the current move of the bulk of the workforce globally to a work from home model, we expect to see a significant increase in DDoS attacks against VPN infrastructure. This risk makes an ‘always on’ DDoS mitigation service even more critical.”
In addition to conventional DDoS attacks, which seek to exhaust bandwidth, in 2019 Neustar also observed an increase in network protocol or state exhaustion attacks, which target network infrastructure directly. Volumetric attacks continued to proliferate as well, with attackers using new DDoS vectors such as Apple Remote Management Services, Web Services Dynamic Discovery, Ubiquiti Discovery Protocol and the Constrained Application Protocol.
Said Joffe, “During the shift to teleworking at scale, we would not be surprised to see the VPN protocol ports added to these targeted attacks.”
Two- and three-vector attacks ‘just right’ for attackers
In 2019, approximately 85% of all attacks used two or more threat vectors. That number is comparable to the 2018 figure; however, the number of attacks involving two or three vectors rose from 55% to 70%, with correspondingly fewer simple single-vector attacks and complex four- and five-vector attacks, suggesting that attackers have settled into the Goldilocks zone for attacks.
Security professionals continue to view DDoS attacks as a growing threat. According to the most recent Neustar International Security Council (NISC) survey, when asked which vectors they perceived to be increasing threats during November and December 2019, senior-level cybersecurity decision-makers cited social engineering via email most frequently (59%), followed by DDoS (58%) and ransomware (56%).
Web attacks increasing
2019 saw web attacks on the rise as well. Most companies recognise the danger that slow-loading websites pose to their business and attempt to protect them with web application firewalls. In the most recent NISC survey, 98% of respondents agreed that a WAF was an essential component of their security infrastructure. However, as more and more enterprises use multiple cloud providers, often involving a mix of public and private clouds, the need for consistent security across applications and platforms is growing.
“Web attacks can be difficult to track because some variation in the performance of websites is to be expected, but they are increasingly critical for businesses to address. One survey found 45% of consumers are less likely to make a purchase when they experience a slow loading website, and 37% are less likely to return to a retailer if they experience slow loading pages,” added Joffe.
A vendor-neutral cloud WAF, coupled with DDoS protection, can eliminate a large portion of threats, allowing enterprise application experts to focus their attention on the more specialised attacks. Continuous updates from a reliable threat feed can also deliver information on bad IPs and botnet command and control (C&C) sites before they are able to damage the network.
A complimentary copy of the Neustar 2019: The Year in Review cyber threats and trends report is available here .
-ENDS-
About Neustar
Neustar is an information services and technology company and a leader in identity resolution providing the data and technology that enables trusted connections between companies and people at the moments that matter most. Neustar offers industry-leading solutions in Marketing, Risk, Communications, Security and Registry that responsibly connect data on people, devices and locations, continuously corroborated through billions of transactions. Neustar serves more than 8,000 clients worldwide, including 60 of the Fortune 100. Learn how your company can benefit from the power of trusted connections here: https://www.home.neustar
.
# # #
View source version on businesswire.com: https://www.businesswire.com/news/home/20200326005046/en/
Link:
About Business Wire
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Torq Crushes EMEA Estimates With Record-Breaking Q3, Hitting 185% of Quarterly Target19.11.2025 15:00:00 CET | Press release
Torq Achieves 284%EMEA Customer Growth As It Signs Iconic Enterprises Including Virgin Atlantic, Kyocera, Siemens, and Zara Torq, the autonomous security operations leader, today announced it has exceeded Q3 EMEA revenue estimates, achieving 185% of its quarterly target. Torq is now firmly established as EMEA’s autonomous security operations platform of choice as enterprise goliaths continue joining its customer ranks, including Virgin Atlantic, Kyocera, Siemens, and Zara. Torq’s EMEA headcount grew 400% across 2025 to accommodate the exponentially increasing demand. “As worldwide momentum accelerates, Torq is doubling down on its EMEA investment by expanding operations, growing regional leadership, and strengthening our on-the-ground presence to fuel our next stage of growth,” said Ofer Smadari, CEO and co-founder, Torq. “Torq is now trusted by many of the world’s largest brands inside some of the most complex and sophisticated security operations centers. With new expansion into Germ
iConnections Launches Pipelines: A Powerful New Way for LPs and GPs to Turn Connections Into Real Momentum19.11.2025 15:00:00 CET | Press release
iConnections, the leading network for allocators and fund managers, today announced the launch of Pipelines, a new productivity and relationship-management tool built directly into the platform. Pipelines gives LPs and GPs a structured, visual, and purpose-built way to organize their outreach, nurture relationships, and drive their fundraising or investment processes forward—without relying on fragmented spreadsheets or generic CRMs. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20251119021208/en/ Born from extensive feedback across the alternative investment ecosystem, Pipelines is designed to solve a common industry challenge: after a productive event or outreach cycle, promising conversations often lose momentum because there is no simple, tailored way to track next steps. “With Pipelines, users finally have a workflow that matches the way this industry actually operates,” said Douglas Melchior, VP of Product at iConnectio
Xsolla Releases “The Xsolla Report: State of Play Q3 2025 Edition, Vol. 8,” Delivering Clear, Data-Led Insights for Game Developers19.11.2025 15:00:00 CET | Press release
Report Unpacks Regional Trends Across China, Europe, and MENA to Inform Growth, Monetization, and Player Engagement Strategies Xsolla, a global video game commerce company that helps developers launch, grow, and monetize their products, today announces the release of The Xsolla Report: State of Play Q3 2025 Edition, Vol. 8, a comprehensive analysis of market forces shaping the games industry. The report synthesizes the latest data and expert perspectives to help developers and publishers plan for sustainable growth across platforms and regions. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20251119397781/en/ Graphic: Xsolla As developers navigate new distribution models and evolving monetization approaches, the Q3 2025 edition offers a practical perspective on where the market is heading. The global player base is projected to reach 3.6 billion by year-end, with revenue on track to reach $188.8 billion—driven by steady moment
PicSee Launches the World’s First Social Platform That Helps You Get All Your Photos from Friends19.11.2025 15:00:00 CET | Press release
Built on Mutual Photo Sharing and Powered by AI PicSee, a new kind of social platform, announced its global launch - introducing a revolutionary way for friends and family to reconnect through photos. Built on mutual photo sharing and powered by AI, PicSee helps users automatically get all their photos from friends by giving them theirs - without ever uploading them to the cloud. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20251112904808/en/ PicSee App - Home Screen Every year, trillions of photos are captured but rarely shared with the friends in them. PicSee changes that. Using on-device facial recognition and a patent-pending “give to get” system, the app automatically identifies which photos belong to whom and helps friends exchange them securely with a single tap. PicSee scans a user’s gallery, recognizes faces, and generates a personalized invite such as: “I have 75 of your pics. Come get them on PicSee.” Once two fri
Frontgrade’s Next-Generation SADA-10 Enhances Satellite Power System Efficiency for LEO and MEO Missions19.11.2025 13:30:00 CET | Press release
Frontgrade™ Technologies, a leading provider of high-reliability electronic solutions for space and national security missions,today announced the SADA-10, a compact Solar Array Drive Assembly (SADA) engineered to deliver precise, reliable solar array positioning for Low and Medium Earth Orbit missions. Designed with the latest technology for New Space and leveraging Frontgrade learnings from heritage systems, the SADA-10 combines flight-proven reliability with optimized size, weight, power, and cost (SWaP-C) to give customers greater efficiency and mission assurance in a smaller footprint. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20251119865921/en/ The SADA-10’s hybrid stepper motor and harmonic gear drive provide high torque output, zero backlash, and accuracy of 0.015°, ensuring precise solar tracking and maximum power generation in orbit. Dual potentiometers enable redundant position sensing for reliable performance,
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom