Intelligent CISO Issue 27 | Page 23

infographic 2. With reflected amplification, attackers exploit UDP-based protocols to launch the largest DDoS attacks ever seen. The top reflected amplification protocols were SNMP, SSDP, WS-Discovery, TFTP and DNS Resolver. The countries of origin for SNMP were USA, Republic of Korea, India, Brazil and Japan, while for SSDP the countries of origin were China, Republic of Korea, Venezuela, Taiwan and Japan. Attackers are flocking to Internetexposed IoT devices running the UDPbased WS-Discovery protocol to launch amplified reflection DDoS attacks. But less than half of WS-Directory attacks respond on port 3702 – 54% use high ports. A10 Networks says that sophisticated DDoS threat intelligence, real-time threat detection and automated signature extraction can help protect organisations against even the largest DDoS attacks. u 1. www.intelligentciso.com | Issue 27 23