A new quarterly report from Arbor Networks has revealed the increasing challenge posed by high-bandwidth denial-of-service attacks.
The report found that while the vast majority of denial-of-service attacks continues to be the typical background “noise” of rival gamers, online criminals and Internet vandals causing problems for each other, the more serious, higher-bandwidth attacks have quadrupled.
Denial-of-service (DoS) attacks exceeding 20Gbps, which will overwhelm almost any online service’s bandwidth, more than quadrupled so far in 2013, compared with the previous year, according to the network management firm. While the attacks account for only approximately 1 percent of all data floods, the increase in large-bandwidth DoS attacks suggests that more serious groups are now using denial of service as a common tactic.
Denial-of-service attacks are increasingly used as part of hacktivism and cyber-criminal campaigns in a variety of ways. Extortion scams used packet floods to overwhelm online gambling, retail and other sites that quickly lose money if their customers cannot connect; paying the ransom will allegedly stop the attacks, for a while. Online thieves use DoS attacks to distract defenders at financial institutions, so they are less vigilant during account thefts. Hacktivists, such as the al Qassam Cyber Fighters, disrupted financial institutions to incur costs to Western companies.
Yet most attacks are gamers who use short DoS attacks to kick opponents offline during a game, rival cyber-criminal organisations who seek advantage in the underground and Internet vandals who do it for fame. These “short, sharp” attacks have dominated packet floods, according to Holden. While the bandwidth used by the average DoS attack jumped 78 percent, seven out of every eight attacks lasts less than an hour.
“Historically, most of your DDoS [distributed denial of service]… is gamers and is very typical of what we all did on IRC [Internet Relay Chat] in the ’90s,” Holden said. Online arguments among early hackers occasionally devolved into battles to kick each other offline. “If you have enough bandwidth at home, or a small botnet, you can easily take someone offline.”
Attacks that used bandwidth of more than 10Gbps accounted for more than 4 percent of all attacks, while the largest confirmed DoS attack topped 191Gbps, according to Arbor. Those more serious packet floods lasted 2 hours and 17 minutes on average, the report stated.
While larger-bandwidth attacks are becoming the norm, Holden pointed out that the increases are partially offset by the growth in capacity of the Internet. In many ways, attackers have to increase the size of their attacks just to have the same impact as in the past, he said.
What do you know about Internet security? Find out with our quiz!
Originally published on eWeek.
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…