If you have been keenly following developments in the tech sphere, you would have definitely come across the term DDoS. In fact, in one of the largest DDoS attacks ever, cybercriminals recently bombarded renowned security blogger Brian Krebs’ website - Krebsonsecurity.com, with a massive 665 gigabits per second of traffic! Now, before we see what security companies have to say about DDoS and how you can prevent such attacks, let’s try and understand what DDoS means and how such an attack can affect your life.
What is DDoS?
Imagine you are a shopkeeper and each day you get hundreds of customers wanting to buy your products. Business is good and you are sitting happy on a pile of money, thinking of ways to scale up your operations, retiring, or just happy counting the cash. Now, imagine that one fine day, a bunch of thugs decides to make your life hell by crowding up your shop to such an extent that your regular customers cannot enter and your business dies a sudden death. That is what happens in a DDoS attack.
Short for Distributed Denial of Service, DDoS attacks are often initiated through multiple sources. Hundreds and thousands of unique IP addresses overload and flood a network, or a host, or a web app, or even a device connected to the internet, making it impossible for users to access services or resources of the same.
DDoS Attacks on the rise
According to a recent security report by Akamai Technologies, Q2 2016 saw a whopping 129% year-on-year increase in DDoS attacks. Incidentally, Akamai was hosting Krebs’ website when it was hit by the DDoS attack we mentioned above. The independent security journalist had apparently exposed a DDoS attack-on-demand service called vDOS, making him one of the biggest targets of the attack eventually.
What came to Krebs’ rescue was Google’s Project Shield, a free service designed to fend off DDoS attacks online and “protect news sites and freedom of expression”. Now if you thought the attack on Krebs’ website was huge, French hosting mammoth OVH said that it suffered an even bigger DDoS assault with 1100 Gbps of traffic!
How are DDoS attacks carried out now?
A DDoS attack uses hundreds and thousands of IP addresses to clog up a network or an online service. Now where do these IP addresses originate? Well, in the latest series of attacks, cybercriminals have been known to use botnets (a huge network of machines and computers infected with malicious software) made up of thousands of IoT devices such as CCTV cameras, IP cameras, DVRs (Digital Video Recorders) and more. These devices are easily hacked into by cybercriminals, who then command them to carry out DDoS attacks. In fact, one of the botnets that targeted OVH was made up of 145,607 DVRs and cameras.
A recent report by security research firm Symantec notes, “cybercriminals are hijacking home networks and everyday consumer connected devices to help carry out distributed denial of service (DDoS) attacks on more profitable targets, usually large companies. To succeed, they need cheap bandwidth and get it by stitching together a large web of consumer devices that are easy to infect because they lack sophisticated security.
More than half of all IoT attacks originate from China and the U.S., based on the location of IP addresses to launch malware attacks. High numbers of attacks are also emanating from Germany, the Netherlands, Russia, Ukraine and Vietnam. In some cases, IP addresses may be proxies used by attackers to hide their true location.” The report goes on to add, “As attackers are now highly aware of insufficient IoT security, many pre-program their malware with commonly used and default passwords, allowing them to easily hijack IoT devices. Poor security on many IoT devices makes them easy targets, and often victims may not even know they have been infected.”
So there you have it. If you are on the web, have a website, have a blog, a page, a store, IoT devices, or even if you are a consumer of any of the above, watch out for DDoS attacks. Remember, privacy is a myth in this world and knowledge is the only weapon you have to protect yourself.
I ♥ Flyme | We determine who we are by what we do...
Excellent thread. Also, recently OVH was hit by a 1.5Tbps attack. Guess what, this time it was hit by the IoT (DVR & other live feeds of home cameras, toasters, etc.).