Corero Reports Unsecure IoT Devices Cause DDoS Attacks to Double in 6 MonthsNumber of DDoS Attacks Have Doubled in Six Months as Criminals Leverage Unsecured IoT DevicesOrganizations are now experiencing an average of 8 DDoS attack attempts per day, up from 4 per day at the beginning of 2017, fueled by unsecured IoT devices and DDoS-for-hire servicesOrganizations
experienced an average of 237 DDoS attack attempts per month during Q3
2017 – equivalent to 8 DDoS attack attempts every day – as hackers
strive to take their organisations offline or steal sensitive data,
according to the latest DDoS Trends and Analysis report from Corero Network Security (LSE: CNS), a leading provider of real-time DDoS defense solutions. The data, which is based on DDoS attack attempts against Corero customers, represents a 35% increase in monthly attack attempts compared to the previous quarter (Q2 2017), and a 91% increase in monthly attack attempts compared to Q1 2017. Corero attributes this increase in frequency to the growing availability of DDoS-for-hire services, and the proliferation of unsecured Internet of Things (IoT) devices. For example, the ‘Reaper’ botnet is known to have already infected thousands of devices, and is believed to be particularly dangerous due to its ability to utilize known security flaws in the code of those insecure machines. Like a computer worm, it hacks in to IoT devices and then hunts for new devices to infect in order to spread itself further. Ashley Stephenson, CEO at Corero, explains: “The growing availability of DDoS-for-hire services is causing an explosion of attacks, and puts anyone and everyone into the crosshairs. These services have lowered the barriers to entry in terms of both technical competence and price, allowing anyone to systematically attack and attempt to take down a company for less than $100. Alongside this trend is an attacker arms race to infect vulnerable devices, effectively thwarting other attackers from commandeering the device. Cyber criminals try to harness more and more Internet-connected devices to build ever larger botnets. The potential scale and power of IoT botnets has the ability to create Internet chaos and dire results for target victims.”
Sophisticated multi-vector attacksIn addition to the frequency of attacks, the Corero data reveals that
hackers are using sophisticated, quick-fire, multi-vector attacks
against an organization’s security. A fifth of the DDoS attack attempts
recorded during Q2 2017 used multiple attack vectors. These attacks
utilize several techniques in the hope that one, or the combination of a
few, can penetrate the target network’s security defences.
“Despite the industry fascination with
large scale, Internet-crippling DDoS attacks, the reality is that they
don’t represent the biggest threat posed by DDoS attacks today. Cyber
criminals have evolved their techniques from simple volumetric attacks
to sophisticated multi-vector DDoS attacks. Often lasting just a few
minutes, these quick-fire attacks evade security teams and can sometimes
be accompanied by malware and other data exfiltration threats. We
believe they are often used in conjunction with other cyber-attacks, and
organisations that miss them do so at their peril."Ashley Stephenson continues, Ransom Denial of Service
Corero observed a return of Ransom Denial of Service, or RDoS, in Q3
2017. A widespread wave of ransom DDoS threats from hacker group,
Phantom Squad, started in September, targeting companies throughout the
US, Europe and Asia. The extortion campaign spanned a variety of
industries – from banking and financial institutions, to hosting
providers, online gaming services and SaaS organisations – and
threatened to launch attacks on 30 September unless a Bitcoin payment
was made. Ashley Stephenson continues, “Ransom is one of the oldest tricks in the cyber criminal’s book, and with cryptocurrency, is an anonymous way for them to turn a profit. As IoT botnets continue to rise, we may soon see hackers put on more dramatic RDoS displays to demonstrate the strength of their cyber firepower, so that their future demands for ransom will have to be taken more seriously. Paying the ransom is rarely the best defence, as it just encourages these demands to spread like wildfire. It is proven that with proper protection in place to automatically eliminate the DDoS threat, organizations will be in a much stronger position.”
Source: Corero media announcement |