Feeds

Botnets fuel internet DDoS insurgency

Attacks top 100Gbps for the first time

Website security in corporate America

Updated Distributed denial of service attacks topped 100Gbps for the first time last year, during which attempts to flood websites with junk traffic went mainstream.

Major incidents in 2010 included DDoS attacks associated with pro- and anti-WikiLeaks hackers and militias as well as hacking attacks linked to political turmoil in Burma and Sri Lanka, according to the latest annual study by DDoS mitigation experts Arbor Networks. The DDoS mitigation firm saw the maximum attack traffic in the most ferocious attack exceed 100Gbps1 for the first time last year.

Botnets of compromised PCs once again served as the launchpad of countless attacks. Website packet-flooding attacks and more sophisticated application-layer attacks have been the mainstay of such activity but last year attacks targeting telecoms services – DNS (Domain Name System), VoIP and IPv6 – became more commonplace, according to the report. In particular, attacks against DNS servers have increased, mainly because it is relatively easily to floor such servers (even in cases where they are correctly configured and even more so when config problems come into play). Taking out DNS services would leave a majority of surfers unable to reach a targeted website.

Both data centre and telecoms service providers told Arbor that application-layer DDoS attacks are leading to significant outages. In response, many service providers have set up stateful firewalls and intrusion prevention system (IPS) devices to protect data centre infrastructure. Unfortunately these devices can act as a bottleneck when deployed in front of web servers, becoming overwhelmed by even a moderately powerful DDoS assault. Nearly half (49 per cent) of enterprises or operators surveyed experienced a firewall or IPS outage as the result of a DDoS attack.

"Network operators are facing a global Internet insurgency driven by the ubiquity of botnets," said Roland Dobbins, solutions architect with Arbor Networks. "This has led to rapidly escalating DDoS attack size, frequency and sophistication. Adding to the challenges facing operators is the increasing number of attack vectors, including applications and services, not to mention the proliferation of mobile devices." ®

1 The 100Gbps DDoS attack reported by a survey respondent was a DNS reflection/amplification attack, made possible by a combination of a lack industry-standard best practice anti-spoofing policy enforcement at network edges, coupled with the misconfiguration of a large number of DNS servers around the internet as open recursors.

The victim was an ISP, a customer of one of the network operators who took part in the survey, Arbor Networks explains.

Protecting users from Firesheep and other Sidejacking attacks with SSL

More from The Register

next story
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Critical Adobe Reader and Acrobat patches FINALLY make it out
Eight vulns healed, including XSS and DoS paths
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Blood-crazed Microsoft axes Trustworthy Computing Group
Security be not a dirty word, me Satya. But crevice, bigod...
Snowden, Dotcom, throw bombs into NZ election campaign
Claim of tapped undersea cable refuted by Kiwi PM as Kim claims extradition plot
Freenode IRC users told to change passwords after securo-breach
Miscreants probably got in, you guys know the drill by now
THREE QUARTERS of Android mobes open to web page spy bug
Metasploit module gobbles KitKat SOP slop
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.