Sunday 1 February 2015

Hacktivists step up web attack volumes

Hacktivists and gamers are becoming big users of net attacks that knock sites offline by bombarding them with data, suggests a report.
Compiled by Arbor Networks, the report looks at 10 years of distributed denial of service (DDoS) attacks.
The ease with which they could be staged had made them a favourite for groups with a grudge, said Arbor.
Also, it said, insecure home routers were being enrolled into large groups of devices that mounted the attacks.
Extortion attempt
In the early days of DDoS, cybercrime gangs had used them to extort cash from websites run by betting and gambling firms that could not afford to be knocked offline, said Darren Anstee, a senior analyst at Arbor.
Now, he said, attacks were being mounted by different groups and had grown considerably in size.
In 2011, the biggest attacks had flung about 100 gigabits per second (Gbps) of data at targets, found the report. In 2014 that peak had hit 400Gbps and in the same year there had been four times as many attacks over 100Gbps as in the previous 12 months.
"There's been a massive jump in the number of very large attacks going on out there," said Mr Anstee.
"In 2014 we saw more volumetric attacks, with attackers trying to knock people offline by saturating their access to the internet."
Almost 40% of the organisations Arbor contacted for its report said they were being hit by more than 21 attacks per month, said the report.
Part of the reason for the shift to the large attacks could be explained by a change in the technologies being used to stage them, he said.
When cybercrime gangs had been behind the majority of attacks, the data barrages had been generated by the thousands of hijacked home computers they had had under their control, he said.
Botnets were still used to mount extortion attacks, he said, and were also used to divert the attention of a company's security team so they did not notice a separate attack on another part of a company's infrastructure.
Figures in the report suggested that companies were getting better at spotting the early stages of an attack and recovering once they were hit, he said.
However, said Mr Anstee, building a botnet was difficult for hacktivists and others, who had instead turned to other net-connected devices and technologies to generate the huge data flows.
Some attacks abused the net's timekeeping system or the domain servers that kept a list of which website was where, he said.
Other groups had found ways to enrol insecure home net gateways and routers into attacks, he added.
Hacktivists, hacker groups such as Lizard Squad and gamers who wanted revenge on other players were the bigger users of these tactics, said Mr Anstee.
It was now easy to find so-called "booter" services online that let gamers kick rivals off a particular gaming network or title by attacking that network, he said.
DDoS was also being used by people keen to use their technical skills to express their feelings about a real-world conflict.
"If you look at DDoS attacks and try to tie them up with geopolitical events in the last few years, you will always see those events echoed in cyberspace," he said.
