International Cyber Expo International Cyber Expo
  • About Us
Monday, 13 July, 2026
IT Security Guru
International Cyber Expo
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Attackers Use Pulse Wave DDoS to Pin Down Multiple Targets

by The Gurus
June 17, 2020
in Editor's News
Share on FacebookShare on Twitter

New findings from Imperva Incapsula research published today, details the emergence of a new DDoS assault pattern, which has been named Pulse Wave.  
According to lead researcher Igal Zeifman, “Pulse Wave DDoS represents a new attack methodology, made up of a series of short-lived pulses occurring in clockwork-like succession, which accounts for some of the most ferocious DDoS attacks we mitigated in the second quarter of 2017. In the most extreme cases, they lasted for days at a time and scaled as high as 350 Gbps.”
The size of these attacks, and the amount of skill they exhibit, are likely the handiwork of skilled bad actors who have become practiced in portioning their attack resources to launch simultaneous assaults. Meaning the intervals between each pulse are being used to attack a secondary target.
This new approach shows that some offenders have grown to understand that it is not necessary to hit a target continuously to take it offline; rather, repeated short bursts are enough to disrupt routers and servers, producing the same effect. By the time the systems have recovered from the first burst, or pulse, the hackers hit them again. In this way, they can double their resource utilisation and pin down several targets. 

With effective sniping, even more simultaneous attacks can be launched to pin down multiple targets and boost the offenders’ bottom line.
The existence of such capabilities spells bad news for everyone, as they enable bad actors to greatly increase their attack output. The pulse-like nature of these attacks, however, is especially harmful for appliance-first mitigation solutions, since it can cut down the communication between their two components, preventing effective fail over from the appliance to the cloud. Specifically, the attacks have the capacity to delay the time it takes for the cloud component of the mitigation solution to kick in. This increases the likelihood of the target going down and being forced to initiate a prolonged recovery process.  Moreover, the pulse wave assaults can prevent transition of data collected in the early attack stages from the appliance and into the cloud to further harm its responsiveness.
As the research points out, while pulse wave attacks constitute a new attack method and have a distinct purpose, they haven’t emerged in a vacuum. Instead, they’re a product of the times and should be viewed in the context of a broader shift toward shorter-duration DDoS attacks. Multiple industry reports—including the Imperva Incapsula quarterly DDoS Threat Landscape report— point to an increased number of short-lived DDoS events over the past year. As a result, the majority of all DDoS attacks today, both at the network and application layers, consistently last less than one hour. Moreover, the percentage of such short-burst attacks is growing each quarter. 
“For a commercial organisation, every such instance translates into tens of thousands of dollars in direct and indirect damages. For professional offenders—already inclined to split up their attack resources for optimised utilisation—this serves as another reason for them to launch pulse wave DDoS assaults. Consequently, we expect to continue encountering such assaults. We also forecast them to grow larger and become more persistent, fuelled by botnet resource evolution and the previously described macro trends we’ve observed in the DDoS landscape,” Zeifman added.
The full research paper ”Attackers Use DDoS Pulses to Pin Down Multiple Targets, Send Shock Waves,” presents a detailed dive-in into the nature of pulse wave attacks, the threat that they pose and their place in the DDoS threat ecosystem.

Tags: attackCybercybersecurityDDoSImpervatech
ShareTweet
Previous Post

Hacker Whose Tools Were Used in DNC Hack Steps Forward

Next Post

Protect Your Privacy with Webcam Protection

Recent News

Q&A: Cyber’s Headed Back to the CSIDES

Q&A: Cyber’s Headed Back to the CSIDES

July 13, 2026

UK Cyber Attacks Climb 34% as Ransomware Leadership Shifts, Check Point Research Reveals

July 13, 2026
Cyber Shield

UK Government Unveils AI Powered Cyber Shield to Strengthen National Cyber Defense

July 10, 2026
KnowBe4 phishing by industry

Healthcare, Hospitality and Construction Named UK’s Most Phishing-Prone Industries

July 10, 2026

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2026 IT Security Guru - Website Managed by Dessol

  • About Us
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2026 IT Security Guru - Website Managed by Dessol