A number of providers in the Netherlands, Belgium and France have stated that they were under fire last week from targeted DDoS attacks. Among them are Delta, Online.nl, FreedomNet and Tweak.nl.
The NBIP informed ZDNet that the attacks took place at the end of August and that several providers were victims. The attackers aimed for the routers and DNS infrastructure of the internet provider. If they become unreachable or overloaded, all customers will be without an internet connection. In most cases, these were LDAP attacks with a duration of several hours and a severity of around 300 Gigabits per second. In all cases, the attack lasted no longer than one day and the providers were able to mitigate the attack during that time.
Remarkably, the attacks took place after DDoS targets in the financial world were given some breathing room after having suffered attacks before. At the same time as these attacks, providers in Asia would also have been targeted.
The attack on Dutch providers, among others, was followed by another possible attack on provider CenturyLink. In the U.S., a large proportion of online services failed after a Flowspec rule was incorrectly configured. Something that occurs regularly in an attempt to resolve downtime due to a DDoS attack.
More large DDoS attacks in 2020
It is certainly not the first time this year that large-scale DDoS attacks have been carried out. In early 2020, AWS managed to repel an attack of about 2.3 Terabit/second after it actively tried to shut down the systems for three days. Until then, the record was still in the hands of NetScout Arbor, which faced an attack of 1.7Tbps in 2018.