Almost 60 percent of all DDoS attacks observed during the first quarter of this year were multi-vector attacks, Akamai said in a report released last month. The majority of them used two vectors, and only 2 percent used five or more techniques.
The DNS (Domain Name System) reflection technique used in this large attack was also interesting, because attackers abused DNSSEC-enabled domains in order to generate larger responses.
DNS reflection involves abusing misconfigured DNS resolvers that respond to spoofed requests. Attackers send DNS queries to these servers over the Internet with the target's Internet Protocol (IP) address specified as the request's source address. This causes the server to direct its response to the victim instead of to the real source of the DNS query.
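Because the victim of a reflection attack never sent the queries, one victim-side check is to flag DNS responses that match no outstanding query. The following is an added example, not code from the article or from Akamai's report; the packet tuple layout, the function names and the sample traffic are assumptions constructed for illustration.

```python
import struct
from collections import defaultdict

def dns_header(payload):
    """Return (txid, is_response) from the 12-byte DNS header."""
    if len(payload) < 12:
        raise ValueError("truncated DNS header")
    txid, flags = struct.unpack("!HH", payload[:4])
    return txid, bool(flags & 0x8000)   # QR bit set means response

def find_unsolicited(packets, window=5.0):
    """packets: iterable of (ts, src_ip, src_port, dst_ip, dst_port, payload).
    Returns {victim_ip: {"count", "bytes", "resolvers"}} for DNS responses
    that match no query sent within `window` seconds."""
    pending = {}                        # (client, cport, server, txid) -> ts
    hits = defaultdict(lambda: {"count": 0, "bytes": 0, "resolvers": set()})
    for ts, sip, sport, dip, dport, payload in sorted(packets, key=lambda p: p[0]):
        try:
            txid, is_resp = dns_header(payload)
        except ValueError:
            continue                    # not a parseable DNS message
        if not is_resp and dport == 53:
            pending[(sip, sport, dip, txid)] = ts
        elif is_resp and sport == 53:
            sent = pending.pop((dip, dport, sip, txid), None)
            if sent is None or ts - sent > window:
                h = hits[dip]
                h["count"] += 1
                h["bytes"] += len(payload)
                h["resolvers"].add(sip)
    return dict(hits)

def msg(txid, response, size):
    """Constructed DNS message: header plus zero padding up to `size` bytes."""
    flags = 0x8180 if response else 0x0100
    return struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0).ljust(size, b"\0")

# Constructed sample traffic using documentation address ranges.
SAMPLE = [
    (0.0, "192.0.2.10", 40000, "198.51.100.1", 53, msg(1, False, 40)),
    (0.1, "198.51.100.1", 53, "192.0.2.10", 40000, msg(1, True, 120)),   # solicited
    (1.0, "198.51.100.1", 53, "192.0.2.10", 53124, msg(7, True, 3000)),  # unsolicited
    (1.1, "203.0.113.5", 53, "192.0.2.10", 41000, msg(9, True, 3000)),   # unsolicited
]

if __name__ == "__main__":
    for victim, h in find_unsolicited(SAMPLE).items():
        print(victim, h["count"], h["bytes"], sorted(h["resolvers"]))
```

In the sample, the two large unmatched responses stand in for the DNSSEC-inflated answers described above; a sustained count of such responses arriving from many resolvers is the signal to alert on.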