Maria Korolov of CSO Online on DDoS reflection attacks making a comeback but are more difficult to stop this time thanks to a larger attack surface:

These attacks, known as Simple Service Discovery Protocol (SSDP) attacks, are now the single largest attack vector for DDoS attacks, accounting for 21 percent of all attacks, up from 15 percent last quarter, and less than 1 percent at this time last year.

“There are infectable SSDP services all over the Internet,” he said. “As they are discovered, we help work with people to shut them down.”

Although each particular device has just a fraction of the bandwidth available to data center-based servers, there are more of them.

“There’s a fertile ground of home systems,” he said. “A property configured home firewall can block this, but there are many improperly configured home systems connected to the Internet – and there are also industrial systems that can be used to reflect attacks as well.”

This attack source is also harder to shut down, he said.

“It’s easier to go into the data center and have the service providers do the clean-up,” he said.