Akamai has released its latest State of the Internet Security report, which shows that the average DDoS attack size doubled in early 2018.
This increase in attack traffic came after attackers discovered and began using a new DDoS reflection and amplification method with the potential to multiply their attack resources by a factor of 500,000.
The attack vector, called memcached UDP reflection, uses resources exposed on the Internet – with no malware or botnet required.
Memcached is a tool meant to cache data and reduce strain on heavier data stores, such as disks or databases, and it requires no authentication.
Combined with the ability to spoof the IP addresses of UDP traffic, this means the protocol can be abused as a reflector when a memcached server is exposed to the Internet.
In February 2018, a memcached reflector attack set a new record for the largest attack Akamai has mitigated to date.
At 1.3Tbps, the attack more than doubled the previous record of 623Gbps – achieved by Mirai in September 2016.
Median DDoS attack sizes also continued to increase over the past year, now reaching 1.3Gbps.
Akamai highlighted that a swift response by developers, network operators, and service providers has quickly reduced the number of vulnerable memcached servers.
This quick response has limited the future potential of this new attack vector.
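A check an operator can run over a memcached option file to see whether the server is exposed in the way described above, that is, answering UDP on a non-loopback address. This is an added example, not part of Akamai's report: `-U` and `-l` are memcached's own options, while the function names, the constructed sample files and the `udp_on_by_default` parameter are assumptions made here.

```python
import ipaddress
import shlex

# memcached's own options: -U/--udp-port (0 disables UDP) and -l/--listen.
VALUE_OPTS = {"-U": "udp", "--udp-port": "udp", "-l": "listen", "--listen": "listen"}

def parse_options(text):
    """Collect UDP-port and listen values; accepts '-U 0', '-U0' and '--udp-port=0'."""
    found = {"udp": [], "listen": []}
    for line in text.splitlines():
        tokens = shlex.split(line, comments=True)  # '#' starts a comment
        i = 0
        while i < len(tokens):
            flag, sep, value = tokens[i].partition("=")
            if not flag.startswith("--") and len(flag) > 2:
                flag, value, sep = flag[:2], flag[2:], "="  # glued short form
            key = VALUE_OPTS.get(flag)
            if key and not sep and i + 1 < len(tokens):
                i += 1
                value = tokens[i]  # value given as the next token
            if key:
                found[key].append(value)
            i += 1
    return found

def is_loopback(addr):
    if addr == "localhost":
        return True
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False  # other hostnames and addr:port forms count as exposed

def audit(text, udp_on_by_default=True):
    """Flag a server that answers UDP on a non-loopback address.

    udp_on_by_default is an assumption to set per installed release: it decides
    what an absent -U means.
    """
    opts = parse_options(text)
    udp_port = int(opts["udp"][-1]) if opts["udp"] else (11211 if udp_on_by_default else 0)
    addrs = [a for v in opts["listen"] for a in v.split(",")]
    exposed = [a for a in addrs if not is_loopback(a)] if addrs else ["*"]  # no -l: all interfaces
    return {"udp_port": udp_port, "exposed": exposed,
            "reflector_risk": udp_port != 0 and bool(exposed)}

# Constructed sample option files (not taken from any real host).
WEAK = "-m 64\n-p 11211\n-u memcache\n-l 0.0.0.0\n"
HARDENED = "# UDP off, loopback only\n-m 64\n-p 11211\n-l 127.0.0.1\n-U 0\n"
```

`audit(WEAK)` reports a reflector risk and `audit(HARDENED)` does not; an option file with no `-l` line is reported as bound to every interface (`"*"`).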