Security Researchers from Future’s Insikt Threat Intelligence Research Group are reporting* that the DDoS attacks that targeted the Netherlands financial sector in January was the first known use of IoTroop – also known as the Reaper Botnet, a variant of Mirai. The initial attack was a DNS amplification attack with traffic volumes peaking at 30Gs according to Insikt. Andrew Lloyd, President of Corero commented below.
Andrew Lloyd, President at Corero:
“While the reported amplitude of the attack (at 30Gbps) was nowhere close to record-breaking, it is still higher than most of the DDoS attacks that we see. Corero’s latest DDoS Trends Report* found that 96% of DDoS attacks were less than 5Gbps and only 1% above 10Gbps. In our experience, even the largest banks and financial institutions often have a protection gap within their DDoS defenses where short-duration, modest amplitude attacks go undefended.”