DDoS Research Report: Public Cloud Services are Frequently Used to Launch DDoS Attacks

According to a recent study, hackers are increasingly using public cloud services to launch DDoS attacks. Research from anti-DDoS company  Link11 shows that in the 12 months from July 2017 to June 2018, one-quarter of DDoS attacks in Europe used botnets based on public cloud servers, while data from the previous 12 months It is 18.5%.

Microsoft’s Azure cloud service platform is a cloud service that is frequently used for DDoS attacks during this period. According to statistics, an average of 38.7% of such attacks uses Azure servers. Amazon’s AWS data is 32.7%, and Alibaba’s Alibaba Cloud is 17.9%. The proportion of Google servers being abused is much lower, accounting for only 10.7%.

According to Link11, botnets based on public cloud servers are an ideal platform for launching DDoS attacks. Cloud instances typically provide 1 to 10 Gbps of bandwidth, making attacks 1,000 times more potent than home routers or IoT devices, as well as other similar standalone devices.

Because organisations typically rely on public clouds, blocking these services is not a reasonable choice. To protect themselves, organisations need to analyse the communication between public cloud services and their networks in detail, and monitor malicious or unwanted traffic—this can be done efficiently through machine learning, allowing for the analysis and identification of legitimate traffic.

You can download the full report here.