
Mark Campbell: DDoS attacks go mainstream

By Lwavela Jongilanga, Portals journalist
Johannesburg, 29 May 2014
Mark Campbell, consulting engineer, Arbor Networks.

Distributed denial of service (DDoS) attacks have become mainstream and more complex, with a growing range of motivations behind them.

This is according to Mark Campbell, consulting engineer, Arbor Networks, who was presenting at the ITWeb Security Summit 2014 in Sandton yesterday.

Campbell noted that these kinds of attacks are indiscriminate, as anybody can be the target. "You could be the flower shop next door and be the victim of a DDoS attack," he said.

DDoS is not just a nuisance, he pointed out. He said when a company falls victim to this type of attack, it affects the business and the morale of customers and staff.

According to Campbell, the most common motivations for these kinds of attacks range from politics, online gaming and vandalism to extortion.

There has been a huge upsurge in the exploitation of the network time protocol (NTP) that is used by machines connected to the Internet to set their clocks accurately, noted Campbell.

According to Campbell, the largest NTP attack monitored by Arbor Networks this year was a 400GB per second attack towards a single entity. He noted that if Africa had to be hit by a 400GB attack, it would bring the continent offline.

He said host routers are tools designed to bring a single user offline, and are very popular in the gaming community. Gaining a competitive edge over other players is one of the reasons this tool was developed.

Campbell revealed that this tool has DDoS capability by default. It can impact infrastructure like firewalls and IPs because of the type of traffic that it sends out. So there is huge collateral damage in the wake of these attacks, he pointed out.

About Security Summit

The ITWeb Security Summit is Southern Africa's premier information security event. It is on at the Sandton Convention Centre until 29 May. Join the conversation on Twitter #itwebsec.

"You could have been bringing down the company next door, but in doing so have both your companies' ISP and next be damaged, and that's what this tool can exploit."

He mentioned that shell booters are attack scripts that have been loaded onto bullet-proof servers sitting in data centres that have access to the backbone of the Internet; often these are shared systems or ones that a user can buy or rent. "You have this simple tool, users tell it which work server they want it to connect, that has the PHP script running on it, and what they want to attack. So users just control that system remotely."

In closing, Campbell noted that the DDoS landscape is thriving: attacks are often effective and popular, as it is easy to launch them and to buy them. DDoS bots continue to evolve with new anti-DDoS evasion features designed to bypass DDoS mitigation systems.

He says there is no solution in sight to fully curb these attacks and that innovation is needed to better handle them.
