Deep Dive – HTTP/2 Rapid Reset Attack

Infographic Threat Talks - Security and Compliance
Listen to Threat Talks - Cybersecurity Podcast on Spotify
Listen to Threat Talks - Cybersecurity Podcast on YouTube
Listen to Threat Talks - Cybersecurity Podcast on Apple Podcasts
Listen to Threat Talks - Cybersecurity Podcast on Amazon Music

HTTPS/2 Rapid Reset DDoS method

Flooding targeted servers and websites

The HTTP/2 Rapid Reset attack is a powerful new DDoS method that exploits weaknesses in the HTTP/2 protocol. This method enables attackers to generate substantial traffic with relatively small botnets. It involves rapidly resetting HTTP/2 streams, causing a flood of requests that overwhelm targeted servers and websites.

For this Deep Dive into HTTP/2 Rapid Reset, host Lieuwe Jan Koning is joined by Rob Maas (Field CTO at ON2IT) and Luca Cipriano (Threat Intel Specialist at ON2IT) as they reveal how these types of attacks are set up and how they can best be mitigated.
How do you keep your head above water in a flood of requests and resets?

Tune in for this Deep Dive to find out!

 

Infographic

For a complete overview of the HTTP/2 Rapid Reset Attack and other attacks featured in the Can’t Deny DDoS Threat Talks; check the infographic.

Your cybersecurity experts

Lieuwe Jan Koning, Co-Founder and CTO, ON2IT

Lieuwe Jan Koning

Co-Founder and CTO, ON2IT Group

Luca Cipriano, Threat Intel Specialst, ON2IT

Luca Cipriano

Threat Intel Specialist, ON2IT

Rob Maas, Field CTO, ON2IT

Rob Maas

Field CTO, ON2IT

Episode details

How HTTP/2 Rapid Reset attacks flood servers and websites

The HTTP/2 Rapid Reset attack leverages vulnerabilities in the HTTP/2 protocol, sending a flood of rapid reset frames to overwhelm targeted web servers. This forces servers to waste resources by repeatedly resetting connections, leading to service outages and downtime.

Unlike traditional DDoS attacks, this method exploits the efficiency and speed of HTTP/2, making it more difficult to detect and mitigate. The attack’s ability to disrupt server operations with minimal traffic volume allows attackers to take down websites and applications with precision, causing severe disruptions to businesses and services.

For this Deep Dive into HTTP/2 Rapid Reset attacks, host Lieuwe Jan Koning is joined by Field CTO Rob Maas and Threat Intel Specialist Luca Cipriano of ON2IT.

Luca walks through the steps attackers took and how they exploit what’s supposed to be a feature, whereas Rob offers insights on what mitigations would work against such attacks.

Tune in for this Deep Dive to find out more!

 

Stay up-to-date on cybersecurity threats

Subscribe to our Spotify channel for deep dives into the dynamic world of cybersecurity. Stay informed, and stay secure!

Infographic Threat Talks - Security and Compliance