Are DDoS attacks getting stronger?
A distributed denial of service, otherwise known as DDoS, is a malware attack directed at online services aiming to overwhelm them with traffic from multiple sources, and make them unavailable to legitimate users. From 2013 to 2015 the size of the attacks increased by an average of 30% per year. And in 2016 the attacks reached a new level in terms of size, complexity, and duration.
In September 2016 OVH, a French hosting provider, was attacked by hacked IoT devices using malicious code called Mirai. It was the first 1 Tbps attack in history. The problem lies in the domain of IoT data security which most companies push aside when creating their devices. Who would have ever thought a smart thermostat could be used to attack websites or huge hosting companies?
Is this the start of a new hacking trend?
It is definitely a trend! The attacks are not only becoming larger, but also the duration is becoming longer. For instance, Kaspersky reported approximate 12 day-long DDoS attacks last year.
In January 2017 the British Lloyds bank became yet another victim of a DDoS attack, which lasted for two days. The hackers were demanding 100 Bitcoins (which is approximately $94,000) be transferred to their account to end the attack.
Deloitte predicts that this trend will continue throughout 2017, with such attacks occurring at least once per month. Sounds dangerous, doesn’t it? There are two reasons why IoT is a lucky ticket for hackers:
- The number of IoT devices is increasing dramatically.
- While being connected to the Internet, with almost no defense, such devices open up a new potential point of entry and security breaches for hackers.
The worst part about IoT in terms of hacks is that each new device that has been compromised offers new levels of computing power and a lot more junk data spread if added to a massive botnet.
New types of DDoS attacks
IoT devices are not the only trick in the toolkit of today’s hackers. WordPress pingback is another common breach that hackers use to attack websites. Pingback is being misused to leverage thousands of legitimate websites running on WordPress. The malicious actor can craft pingback requests to legitimate blogs that are running WordPress posing as the targeted URL. Each of those legitimate blogs will then send requests to the targeted URL attempting to download the whole URL.
Any organization with increased internet dependency should know about the potential impact of such attacks, and the defense against DDoS attacks should become a top priority for cybersecurity professionals.
How to secure your business against IoT DDoS attacks
If you are responsible for cybersecurity in your company, you should know how botnets such as Mirai work. Here are few tips on how to protect your network against DDoS attacks:
- You should have extra hardware to switch to in the event of an attack.
- Install an automatic DDoS reduction system that will split all traffic and filter all requests from bots and compromised devices.
- Keep the most important data on the premise. Storing everything in the Cloud could lead to losing the access to your data during DDoS attacks. Imagine losing access to your data for 12 days!
At Akruto, we believe that in a world that is full of data breaches, businesses and individuals should keep their data where they can control it. Despite the growing trend of Cloud adoption, we recommend that you keep your sensitive and business data on your PC or build an isolated on-premise infrastructure.
No Comments