Hackers are generating unprecedented power in every sense of the phrase. The power for censorship. The power for destruction. The power for terrorism. And each of these is a direct result of the power they harness from computers and connected devices.
As DDoS threats consume the minds of information security technologists, the most frequent topic of discussion is mitigating the common attacks – DNS reflection, NTP amplification, UPnP attacks. What isn’t immediately considered, however, are the much larger tectonic shifts that are driving these attacks. We discuss 3 factors.
In recent months, we’ve witnessed a surge in attacks generating enough bandwidth to immobilize major institutions. Dyn, Krebs on Security, and the Olympic Games have been targets for disruption – with many of these services crumbling under the onslaught of the DDoS attacks.
Increased security awareness has made it harder to collect the big networks of zombies needed to perpetrate these attacks. Attackers are flexing their creative muscles and veering away from computers to launch their attacks. Instead, hackers are now hitching a ride on the coattails of the IoT to generate the intensity needed to slow servers to a halt. Smart technology meets smarter hackers.
Society is increasing connectivity using arbitrary IoT gadgets and, in turn, making sizable attacks (of a Terabit per second or more) much more feasible – a yin and yang of innovation gone wrong, if you will. The acquisition of data for cyber terrorism can now be found in anything (well, almost). CCTVs, for example, played an integral role in DDoS threats as of late. The ability to stream large amounts of data for an extended period of time, virtually undetected, allowed the attack to circumvent security protocols and fester from within.
As firewall technology struggles to adapt, everyday devices are vulnerable: gaming systems, pocket devices, even your smart fridge can now take down captains of industry and cause big headaches for cyber security professionals.
It is clear that the zombies needed for the botnets that cause the large numbers of attacks are fairly accessible, yet they still require some serious hacker skill to compromise. But what happens when DDoS is up for grabs? Booters, found with a simple Google search, pose a major threat to big commerce and industry. Want to be a cyber-criminal? No problem. There’s an app for that! Well, maybe not an app per se, but there’s certainly no shortage of services online that will help you take down an arch nemesis or some unsuspecting website for money, no mad hacker skills required.
For a small fee, rentable DDoS services, with your choice of size and timeframe, can be yours for use in an attack. And just like that, you’re a cyber criminal. Coordinated zombie attacks are no longer exclusively for the tech savvy. With step-by-step instructions, right down to proverbial best practices, online Booters will have you slowing traffic and disrupting websites in no time. Sure, there are risks involved for the would-be criminal, but it poses an even greater risk to companies at the receiving end of those wielding this power with little to no altruism.
The Internet is complex and very resilient. But where there is structure, there is weakness. How long before a well-orchestrated attack impacts not just one service, but all of us?
DDoS threats have become so destructive that targeting a specific service now typically has repercussions for adjacent or related services. Call them “innocent bystanders”. As powerful, lengthy attacks become more prevalent, technologists are noticing the collateral damage of systems housed next to the bullseye, or relying on the bullseye.
Renowned security technologist Bruce Schneier authored the blog post “Someone is Learning How to Take Down the Internet”, where he discusses profiling attacks and probing – “extensively testing the core defensive capabilities of the companies that provide critical Internet services.” In essence, he alludes to a suspected mapping by an educated cyber criminal: one who is obtaining a dangerously solid understanding of what they are up against to create something extremely powerful.
Another troubling fact is that an entire arsenal of defensive cyber security technology slowly becomes irrelevant as new attack innovation is introduced. Your best defense is adaptability. And to be able to effectively adapt, you must understand the threat you are up against.
Cyber security professionals are on the front lines of the DDoS threat mitigation battle. The ability to be proactive, as well as reactive, is a company’s best defense to withstand attacks and avoid service outages. Visibility is your best defense. FlowTraq is a cyber security technologist’s primary weapon of choice.
FlowTraq is a DDoS Mitigation Management tool that automatically responds to DDoS attacks in seconds. Thanks to integration with dozens of scrubbing and mitigation vendors, FlowTraq is able to automatically pick the best mitigation approach for each attack, maximizing mitigation effectiveness, and minimizing your cost-to-mitigation.