DDoS Attacks Growing, Cloud a Target

Wednesday, July 30, 2014 @ 03:07 PM gHale


There has been an increase in distributed denial of service (DDoS) attacks and a resurgence of botnets to carry out server-based attacks, a new report found.

DDoS activity increased by 22 percent, putting it close to the record-breaking levels set in the year’s first quarter, according to the Q2 2014 Global DDoS Attack Report from Prolexic Technologies, now part of Akamai.

RELATED STORIES
Cloud Botnets able to Mine Coin
Malware Threat Targets Linux, Unix
Bad Guys Use Govt. Quality Malware
After Takedown, Botnet Returns

A 72 percent increase in the average bandwidth of attacks means DDoS activity has become stronger and more capable of overwhelming targets with data packets.

DDoS activity was mostly from reflection-based attacks that abuse common web protocols, and server-side botnets that exploit the web vulnerabilities in Windows, Linux and content-management systems, according to the report.

The increase in botnets came down to the current political climate and the ease of exploitable vulnerabilities in traditional internet services, such as the Network Time Protocol and Domain Name System, said Jay Coley, senior director of Line Services at Akamai.

“Attackers are able to use these services to ‘reflect’ attacks and increase the strength of traditional botnets by 100 to 400 percent,” he said.

“These tools also add a layer of obscurity to the botnets as they are never actually touching the targets directly, but ‘reflecting’ and increasing their attacks using these exploits.”

Nearly half of the DDoS attacks aimed at IT infrastructure rather than websites or applications. Vendors of cloud services such as Platform-as-a-Service (PaaS) and Software-as-a-service (SaaS) were common targets.

The researchers said such attacks could exhaust incoming network bandwidth and essentially cripple entire data centers.

Behind these powerful attacks are tactics to build, conceal and deploy dangerous botnets, said Stuart Scholly, senior vice president of security at Akamai Technologies.

“Server-side botnets are preying on web vulnerabilities, and reflection and amplification tactics are allowing attackers to do more with less,” Scholly said.

While Akamai said that server-side botnets have only occurred in the most sophisticated and orchestrated DDoS attacks, high-volume infrastructure end up specifically tailored to avoid DDoS mitigation technology.

Given the rise of cloud computing and adoption of service-based IT infrastructure, Akamai believes the effectiveness of such DDoS attacks pose a significant threat to businesses and even government organizations.

Click here to register for the report.



Leave a Reply

You must be logged in to post a comment.