Description: A volumetric attack is a type of Distributed Denial of Service (DDoS) attack that aims to consume the bandwidth of a system, network, or server by flooding it with massive amounts of traffic. These attacks generate such a high volume of data that the target cannot handle it, which disrupts legitimate services. Volumetric attacks often use networks of compromised devices, known as botnets, which send requests simultaneously, making it difficult to identify the sources of the attack. Techniques include UDP floods, SYN floods, and ICMP floods, among others. The relevance of volumetric attacks lies in their simplicity and effectiveness: they can be launched relatively easily and can cause significant damage to network infrastructures, affecting both businesses and individual users. Defending against these attacks requires mitigation solutions that can filter out malicious traffic and ensure the availability of online services.
History: Volumetric attacks began to gain notoriety in the late 1990s and early 2000s, coinciding with the growth of the Internet and the proliferation of connected devices. One of the first documented volumetric attacks was the attack on the University of Minnesota in 1999, which utilized a SYN Flood attack. As technology advanced, so did the attack techniques, and volumetric attacks became more sophisticated and accessible, especially with the emergence of botnets in the 2010s. These attacks became a common tool for cybercriminals, who used them to extort businesses or as part of political conflicts and hacktivism.
Uses: Volumetric attacks are primarily used to disrupt the operation of online services, such as websites, applications, and networks. Attackers may employ these attacks to extort businesses, threatening to carry out an attack unless a ransom is paid. They are also used in the context of political conflicts, where hacktivist groups may launch volumetric attacks against government or corporate websites as a form of protest. Additionally, volumetric attacks can be used as a distraction while other, more sophisticated types of attacks are carried out.
Examples: A notable example of a volumetric attack was the DDoS attack on GitHub in 2018, which reached a traffic volume of 1.35 Tbps, using a technique known as Memcached amplification. Another case is the attack on Dyn in 2016, which affected numerous online services, including Twitter and Netflix, by flooding Dyn's servers with massive traffic. These incidents highlight the destructive capacity of volumetric attacks and the need for robust security measures.
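A defender-side illustration of the traits described above (an added example, not part of the original page): it buckets constructed flow records per destination per second, alerts when inbound bandwidth crosses a threshold, and reports the dominant flood type, the number of distinct sources, and the most common source port. The record layout, the addresses, and the 50 Mbps threshold are assumptions chosen for the demonstration; UDP source port 11211 is memcached's default port, matching the amplification technique in the GitHub example.

```python
from collections import Counter, defaultdict

def sample_flows():
    """Constructed flow records (RFC 5737 documentation addresses, not real traffic).
    Fields: (second, src_ip, dst_ip, proto, src_port, tcp_flags, bytes)."""
    flows = []
    for sec in range(3):
        for i in range(5):  # baseline: a few established TCP flows per second
            flows.append((sec, f"198.51.100.{i}", "203.0.113.10", "tcp", 40000 + i, "ACK", 1_500))
        if sec == 1:  # surge: 200 distinct sources, all from UDP source port 11211
            for i in range(200):
                flows.append((sec, f"192.0.2.{i}", "203.0.113.10", "udp", 11211, "", 60_000))
    return flows

def vector_of(proto, flags):
    """Map a flow to one of the flood types named in the description."""
    if proto == "udp":
        return "udp_flood"
    if proto == "icmp":
        return "icmp_flood"
    if proto == "tcp" and flags == "SYN":  # bare SYN, no ACK
        return "syn_flood"
    return "other"

def detect_floods(flows, bps_threshold):
    """Alert on every (second, destination) whose inbound bit rate exceeds the threshold."""
    buckets = defaultdict(list)
    for flow in flows:
        buckets[(flow[0], flow[2])].append(flow)
    alerts = []
    for (sec, dst), group in sorted(buckets.items()):
        bps = 8 * sum(f[6] for f in group)  # one-second buckets, so bits == bits/s
        if bps <= bps_threshold:
            continue
        per_vector = Counter()
        for f in group:
            per_vector[vector_of(f[3], f[5])] += f[6]
        vector = per_vector.most_common(1)[0][0]
        hits = [f for f in group if vector_of(f[3], f[5]) == vector]
        alerts.append({
            "second": sec, "dst": dst, "bps": bps, "vector": vector,
            "sources": len({f[1] for f in hits}),  # many sources suggests a botnet or reflectors
            "top_src_port": Counter(f[4] for f in hits).most_common(1)[0][0],
        })
    return alerts

if __name__ == "__main__":
    for alert in detect_floods(sample_flows(), bps_threshold=50_000_000):
        print(alert)
```

In production the threshold would be derived from a measured per-destination baseline rather than fixed, and the input would come from NetFlow/sFlow/IPFIX export rather than an in-memory list.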