Corero Network Security report notes uptick in DDoS attacks
Distributed Denial of Service (DDoS) attacks are becoming more sophisticated and common, according to the latest DDoS Trends and Analysis report by Corero Network Security. In particular, Corero found its customers experienced an average of 237 attacks per month in the third quarter of 2017, a 35% increase compared to the second quarter and a 91% increase compared to the first quarter.
The authors of the report attribute the rise of attacks to an increase in DDoS-for-hire services and unsecure internet of things (IoT) devices. With respect to DDoS-for-hire services, these services have lowered the barriers to entry in terms of both technical competence and price, enabling cyber criminals to systematically attack and try to take down a company for less than $100. Once a DDoS attack is underway, security officials tend to be distracted by the DDoS traffic, allowing hackers to infect a network with ransomware or malware with whatever means available.
With respect to unsecure IoT devices, the ‘Reaper’ botnet, for example, is known to have pinpointed and manipulated vulnerabilities in devices. Every time a device is infected, it spreads the malware to other vulnerable devices, explained CEO of Corero Ashley Stephenson: “Cyber criminals try to harness more and more Internet-connected devices to build ever larger botnets. The potential scale and power of IoT botnets has the ability to create Internet chaos and dire results for target victims.”
The authors of the report noted two different types of DDoS attacks: sophisticated, multi-vector attacks and service flood attacks. The former involves tricking and overrunning conventional IT measures, whereas the latter involves saturating the bandwidth target victim, thereby spurring service outages, downtime and latency.
The report also discovered Ransom Denial of Service (RDoS) threats made a significant comeback in the third quarter of 2017, which were targeted at companies throughout the U.S., Europe and Asia. The attack involves a cyber criminal sending a message to a victim with a ransom ranging from five to 200 bitcoins, according to a recent Kaspersky Lab report. The hacker threatens to organize a DDoS attack on a victim’s online resources if they do not pay the ransom.
Commenting on what countermeasures users can take to such attacks, Stephenson commented: “The only way to keep up with these increasingly sophisticated, frequent and low volume attacks is to maintain comprehensive visibility and automated mitigation capabilities across a network, so that even everyday DDoS attacks can be instantly detected and blocked as they occur and before they cause damage.”
For a rundown on how to patch security holes in a vulnerable network, click here.