- Jun 9, 2013
- 6,720
The number of DDoS attacks launched in the last quarter of 2015 has risen dramatically, and especially the ones targeting Turkey, Nexusguard, a company specialized in DDoS protection, reports.
According to the Nexusguard Q4 2015 Threat Report, the top two most targeted ISPs in the last month of 2015 were Turkcell and Turkish Telecom, who faced a barrage of DDoS attacks starting with early December and until the end of the year.
Most of these were reflective DDoS attacks that leveraged the DNS protocol to amplify the number of requests directed towards a target. Furthermore, the attackers weren't interested in selecting the biggest amplification factor for their attack but were more interested in leveraging Turkish domains to carry them out.
For this, they've selected nic.tr, a domain that had a 2x amplification factor, and turkey.com, which has a 3.9x amplification factor. Regular attacks would have used domains with a 50x amplification factor.
Russia may be behind most of these attacks
The rise in DDOS attacks targeting and using Turkey's infrastructure makes Nexusguard speculate on the involvement of a state-powered threat actor.
"The peak of these attacks may be related to rising tensions between Russia and Turkey," Nexusguard researchers explain. "Russia is not an amateur when it comes to executing denial of service attacks in a response to political events."
Full Article. Anonymous and Russia Are Behind a Huge Rise in DDoS Attacks Targeting Turkey
According to the Nexusguard Q4 2015 Threat Report, the top two most targeted ISPs in the last month of 2015 were Turkcell and Turkish Telecom, who faced a barrage of DDoS attacks starting with early December and until the end of the year.
Most of these were reflective DDoS attacks that leveraged the DNS protocol to amplify the number of requests directed towards a target. Furthermore, the attackers weren't interested in selecting the biggest amplification factor for their attack but were more interested in leveraging Turkish domains to carry them out.
For this, they've selected nic.tr, a domain that had a 2x amplification factor, and turkey.com, which has a 3.9x amplification factor. Regular attacks would have used domains with a 50x amplification factor.
Russia may be behind most of these attacks
The rise in DDOS attacks targeting and using Turkey's infrastructure makes Nexusguard speculate on the involvement of a state-powered threat actor.
"The peak of these attacks may be related to rising tensions between Russia and Turkey," Nexusguard researchers explain. "Russia is not an amateur when it comes to executing denial of service attacks in a response to political events."
Full Article. Anonymous and Russia Are Behind a Huge Rise in DDoS Attacks Targeting Turkey
