Más DDoS: More Powerful, Complex, And Widespread

  /     /     /  
Publicated : 22/11/2024   Category : security


Más DDoS: More Powerful, Complex, And Widespread


New DDoS reports highlight evolving M.O. of DDoS and DoS attacks and increased firepower



Three DDoS reports published this week reveal how more powerful attacks are becoming the norm, that hacktivism is the main inspiration now rather than extortion -- and anyone can be a victim, not just high-profile organizations.
Arbor Networks, Radware, and Prolexic each released reports detailing trends and data in distributed denial-of-service (DDoS) and regular denial-of-service (DoS) attacks. Among the trends in these often-debilitating attacks on a victims network infrastructure, website, or other application-layer services is that the impetus for these attacks now is more about hacktivism and vandalism versus extortion -- an old-school motivation -- and no one is immune from becoming a target.
It was stunning to us what motivated these DDoS attacks, says Roland Dobbins, solutions architect at Arbor and one of the authors of Arbors
World Wide Infrastructure Security Report for 2011
. It was a surprise to us, but at the same time it jives with our individual experiences and working with service providers around the world. About half the DDoS attacks I personally helped defend against were ideologically motivated.
Dobbins says this is a game-changer. This really alters the threat landscape for any organization thats Internet-connected. If anyone has a political or ideological ax to grind against an organization or the country where they are headquartered, they are at risk, he says.
Radwares
2011 Global Application and Network Security Report
echoed some of the same findings about DDoS and DoS attacks in that hacktivists were the main perpetrators, with 22 percent of attacks; 12 percent were angry users; 7 percent, a competitor; and 4 percent, extortion. Half of the attacked organizations surveyed by Radware didnt know why they were targeted.
Arbor also found that attackers now have so much firepower that high-volume attacks are no longer a rarity. DDoS attacks in the 10-Gbps range were up, with 13 percent reporting them, and 25 percent of victims say they were hit by attacks that outpaced the total bandwidth of their data center.
10-Gbps and under attacks are no longer very rare -- they are very commonplace, Dobbins says. And the broader deployment of [anti-] DDoS technologies [by organizations] is causing attackers to up their game, so its an arms race.
Prolexics
Quarterly Attack Report for Q4 2011
also shows a marked increase in more powerful DDoS attacks. The average attack bandwidth in the fourth quarter was 5.2 Gbps, up from 2.1 Gbps in the third quarter; thats an increase of 148 percent, according to Prolexic. Average attack bandwidth jumped 136 percent last year to 2.6 Gbps versus 1.1 Gbps in 2010.
But size doesnt always matter. Radwares report says most organizations dont suffer from catastrophic DDoS attacks: Smaller, less powerful ones can cause more damage with less bandwidth. Some 76 percent of attacks in its survey came in at under 1 Gbps, with 32 percent less than 10 megabits-per-second, and nine percent more than 10 Gbps.
Meanwhile, application-layer attacks are on the upswing. There is a rise in the sophistication and prevalence of application-layer attacks, Arbors Dobbins says. Attackers are not just launching high-bandwidth, high-packet-based attacks. They are doing research and figuring out how to [attack] the app running on the server ... causing websites to fall over.
According to Radware, 56 percent of DoS-type attacks last year went after applications, and 46 percent, the network. Financial services was hit the most, with 28 percent of the attacks, followed by government (25 percent) and gaming sites (25 percent).
Attackers arent just going after one specific application or HTTP. They are mixing two or more vectors, such as HTTP, SMTP, HTTPS, DNS, SNMP, and IRC, according to Arbors Dobbins.
Some attacks used up to five different attack vectors in a campaign, according to Radware. And the big bandwidth-sized attacks arent necessarily the most damaging. A smaller HTTP attack can do more damage than a massive UDP flood attack.
And Prolexic saw shorter attack intervals. We have seen a trend toward shorter overall attack duration, but with unprecedented high packet-per-second volume and lethal attack signatures,” says Paul Sop, chief technology officer at Prolexic. This is a devastating cocktail that can quickly bring down even well-protected sites and their mitigation providers. We are starting to see packet-per-second attack volumes that are simply off the charts.
Have a comment on this story? Please click Add Your Comment below. If youd like to contact
Dark Readings
editors directly,
send us a message
.

Last News

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security

▸ Debunking Machine Learning in Security. ◂
Discovered: 23/12/2024
Category: security

▸ Researchers create BlackForest to gather, link threat data. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Más DDoS: More Powerful, Complex, And Widespread