Feeds

Botnets fuel internet DDoS insurgency

Attacks top 100Gbps for the first time

Top 5 reasons to deploy VMware with Tegile

Updated Distributed denial of service attacks topped 100Gbps for the first time last year, during which attempts to flood websites with junk traffic went mainstream.

Major incidents in 2010 included DDoS attacks associated with pro- and anti-WikiLeaks hackers and militias as well as hacking attacks linked to political turmoil in Burma and Sri Lanka, according to the latest annual study by DDoS mitigation experts Arbor Networks. The DDoS mitigation firm saw the maximum attack traffic in the most ferocious attack exceed 100Gbps1 for the first time last year.

Botnets of compromised PCs once again served as the launchpad of countless attacks. Website packet-flooding attacks and more sophisticated application-layer attacks have been the mainstay of such activity but last year attacks targeting telecoms services – DNS (Domain Name System), VoIP and IPv6 – became more commonplace, according to the report. In particular, attacks against DNS servers have increased, mainly because it is relatively easily to floor such servers (even in cases where they are correctly configured and even more so when config problems come into play). Taking out DNS services would leave a majority of surfers unable to reach a targeted website.

Both data centre and telecoms service providers told Arbor that application-layer DDoS attacks are leading to significant outages. In response, many service providers have set up stateful firewalls and intrusion prevention system (IPS) devices to protect data centre infrastructure. Unfortunately these devices can act as a bottleneck when deployed in front of web servers, becoming overwhelmed by even a moderately powerful DDoS assault. Nearly half (49 per cent) of enterprises or operators surveyed experienced a firewall or IPS outage as the result of a DDoS attack.

"Network operators are facing a global Internet insurgency driven by the ubiquity of botnets," said Roland Dobbins, solutions architect with Arbor Networks. "This has led to rapidly escalating DDoS attack size, frequency and sophistication. Adding to the challenges facing operators is the increasing number of attack vectors, including applications and services, not to mention the proliferation of mobile devices." ®

1 The 100Gbps DDoS attack reported by a survey respondent was a DNS reflection/amplification attack, made possible by a combination of a lack industry-standard best practice anti-spoofing policy enforcement at network edges, coupled with the misconfiguration of a large number of DNS servers around the internet as open recursors.

The victim was an ISP, a customer of one of the network operators who took part in the survey, Arbor Networks explains.

Internet Security Threat Report 2014

More from The Register

next story
'Kim Kardashian snaps naked selfies with a BLACKBERRY'. *Twitterati gasps*
More alleged private, nude celeb pics appear online
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Snowden, Dotcom, throw bombs into NZ election campaign
Claim of tapped undersea cable refuted by Kiwi PM as Kim claims extradition plot
Freenode IRC users told to change passwords after securo-breach
Miscreants probably got in, you guys know the drill by now
THREE QUARTERS of Android mobes open to web page spy bug
Metasploit module gobbles KitKat SOP slop
BitTorrent's peer-to-peer chat app Bleep goes live as public alpha
A good day for privacy as invisble.im also reveals its approach to untraceable chats
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.