Common Information
| Type | Value |
|---|---|
| Value |
Direct Network Flood - T1498.001 |
| Category | Attack-Pattern |
| Type | Mitre-Attack-Pattern |
| Misp Type | Cluster |
| Description | Adversaries may attempt to cause a denial of service (DoS) by directly sending a high-volume of network traffic to a target. This DoS attack may also reduce the availability and functionality of the targeted system(s) and network. [Direct Network Flood](https://attack.mitre.org/techniques/T1498/001)s are when one or more systems are used to send a high-volume of network packets towards the targeted service's network. Almost any network protocol may be used for flooding. Stateless protocols such as UDP or ICMP are commonly used but stateful protocols such as TCP can be used as well. Botnets are commonly used to conduct network flooding attacks against networks and services. Large botnets can generate a significant amount of traffic from systems spread across the global Internet. Adversaries may have the resources to build out and control their own botnet infrastructure or may rent time on an existing botnet to conduct an attack. In some of the worst cases for distributed DoS (DDoS), so many systems are used to generate the flood that each one only needs to send out a small amount of traffic to produce enough volume to saturate the target network. In such circumstances, distinguishing DDoS traffic from legitimate clients becomes exceedingly difficult. Botnets have been used in some of the most high-profile DDoS flooding attacks, such as the 2012 series of incidents that targeted major US banks.(Citation: USNYAG IranianBotnet March 2016) |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2023-05-29 | 7 | Anonymous Sudan Claims Successful Takedown of First Abu Dhabi Bank Website & Application Via DDoS Attacks | Threat Intelligence | CloudSEK | ||
| Details | Website | 2023-03-02 | 199 | Russia/Ukraine Update - February 2023 | ||
| Details | Website | 2022-12-20 | 133 | Russia/Ukraine Update - December 2022 | ||
| Details | Website | 2022-11-29 | 132 | Russia/Ukraine Update - November 2022 | ||
| Details | Website | 2022-09-29 | 68 | Russia/Ukraine Update - September 2022 | ||
| Details | Website | 2022-08-25 | 66 | Russia/Ukraine Update - August 2022 | ||
| Details | Website | 2022-06-30 | 65 | UNKNOWN | ||
| Details | Website | 2021-12-09 | 16 | The Evolution of IoT Linux Malware Based on MITRE ATT&CK TTPs | ||
| Details | Website | 2021-04-01 | 60 | Avaddon RaaS | Breaks Public Decryptor, Continues On Rampage - SentinelLabs | ||
| Details | Website | 2021-01-19 | 37 | FreakOut – Leveraging Newest Vulnerabilities for creating a Botnet - Check Point Research |