High Speed DDoS Attacks on Rise

Wednesday, August 7, 2013 @ 03:08 PM gHale

Almost half of the distributed denial-of-service attacks (DDoS) now reach speeds of over 1Gbps, a new report said.

That is an increase of 13.5 percent from last year, while the portion of DDoS attacks over 10Gbps increased about 41 percent in the same period, according Arbor Networks’ monitoring system.

BIND Name Servers get Patched
BIND 9 DoS Hole Patched
LinkedIn Token Flaw Thwarted
LinkedIn Outage Caused by DDoS

In addition, the Arbor Networks monitoring system, based on anonymous traffic data from more than 270 service providers, saw second quarter traffic more than doubling the number of attacks over 20Gbps that occurred in all of 2012. The only number that went down was the duration of all of these DDoS attacks, which now trend shorter, with 86 percent lasting less than one hour, according to the Arbor Networks trends report for the second quarter of 2013.

Attackers have their own motivations for launching DDoS attacks, such as political ones or organized crime-related ones, but it’s the ready availability of botnets for hire and crowd-sourced attack tools that give them the easy means, said Jeff Wilson, principal network security analyst with Infonetics Research.

Meanwhile, Dallas-based security provider, FireHost said its customers were targets for about 24 million different types of attacks. About 3.6 million of these blocked attacks aimed to compromise websites through SQL Injection, Cross-Site Request Forgery (CSRF), Directory Traversal and Cross-Site Scripting (XSS). This is an increase in web-compromising attacks of this type from the 3.4 million seen in the first quarter, FireHost said.

In the second quarter, the number of CSRF attacks rose 16 percent over the previous quarter, and SQL Injection attacks rose 28 percent. However, the XSS attacks, which involve the insertion of malicious code into webpages to manipulate visitors, remained the most prevalent attack type. FireHost said sometimes attacks blend in with other exploits or end up automated.

FireHost said it is not unusual to see these blended attacks originating from within cloud-service provider networks.

“Cybercriminals can easily deploy and administer powerful botnets that run on cloud infrastructure,” said FireHost founder and chief executive Chris Drake. “Many cloud providers unfortunately don’t adequately validate new customer sign-ups, so opening accounts with fake information is quite easy.” After setting up the account, the attacker can run an automated process that can “deploy a lot of computing power on fast networks, giving a person the ability to create a lot of havoc with minimal effort,” Drake said.

Leave a Reply

You must be logged in to post a comment.