Researchers have discovered a new method of DDoS attack. This style has been dubbed “Pulse Wave”, due the signature pattern it creates on attack charts. Traditional DDoS attacks normally have a ramp-up time when the attack begins. This is due to attackers adding bots to their botnets and is also due to attackers tweaking the effectiveness of their attacks – while the attack is progressing. In addition, after the attack reaches peak volumes they normally trail off, once the attacker has succeeded on taking a site offline or has given up due to DDoS defenses in place. DDoS attacks take this form in many cases.
Pulse Wave attacks go from zero to maximum value in very short, quickly repeated intervals, which form the wave-like pattern.
Although this type of attack has been seen in the past, the frequency is increasing. Analysts believe that this level of precise control over botnets is coming from attackers using DDoS-for-hire services. Since the service is costing the attackers money, they use the botnet to attack more than one target at a time. Attackers send a short burst to target number one, watch them be severely impacted, then switch to target number two, taking them offline as well. Then they switch back. This allows attackers holding those for ransom to attack more than one target at a time. Hackers understand “better bang for your buck”.
Pulse Wave attacks can cause quite the headache for organizations with hybrid DDoS mitigation solutions. Hybrid solutions depend on hardware deployed on-premises to detect an attack before notifying and diverting to the cloud to increase scrubbing capacity. The lightning fast onset and speedy changes of a Pulse Wave attack decrease the window of time to identify, and the sharp drop can fool systems into believing the attack is over.
Oracle Dyn users don’t have to worry. Our patented DDoS mitigation methodology, known as RapidBGP, provides the agility needed to thwart these types of attacks, with no hardware deployed on-premises. To learn more about Oracle Dyn DDoS protection, visit us here.