Bookmark and Share

One of the more commonly-used types of attack tactics implemented by hackers is the Denial of Service (DoS) hack.  At its base a denial-of-service attack is a hack that attempts to make a computer or network resource temporarily or persistently unavailable for its intended users. This is generally accomplished through the massive flooding of the victim network with superfluous requests, with the intent of being to either temporarily or indefinitely overload and crash the system or simply to make it more difficult or impossible for legitimate requests to be fulfilled.

An even more powerful subset of the DoS hack, called the DDoS or distributed denial of service attack occurs when multiple systems are used to flood the bandwidth resources of the target network. This brute force attack is often aided by the use of a botnet, which is used to create a distributed network from which to launch attacks. The botnet then helps multiple systems to inundate the victim system with an overwhelming number of requests, causing loss of performance.

DDoS attacks have generally been looked upon as more nuisance than nuclear, due to the limited devastation they cause from temporary service loss. At least when compared to other more pervasive hacks which can cost organizations millions in lost intellectual property and unrecoverable data. Indeed, Arborworks still cites “criminals demonstrating attack capabilities” as the number one reason for DDoS hacks in its 2016 Worldwide Infrastructure Security Report. However, a growing number of report respondents indicated that criminal hackers are increasingly utilizing DDoS attacks as a diversionary method to occupy IT resources in one area, while attempting more hazardous malware and data ex-filtration hacks on others.

Who is at risk?

Criminal “Hacktivists” have been targeting members of the financial industry with this kind of attack for years, often for the purpose of disruption. Over the last several years, many financial institutions have been implementing security measures as a result. However, this is not the case across all sectors as the IT Services/Cloud sector has taken the brunt of DDoS attacks in the last year or so. Arbornetwork 2016 Worldwide Infrastrcuture Security Report makes clear that denial of service attacks are on the rise, with a disturbing increase in the power and complexity of DDoS hacks developing, evidenced by steadily increasing data transfer rates.  Top-end size of DDoS attacks has risen year over year, with the largest attack being reported at over 500 billion bits per second (Gbps).

Public services like ISP’s are also frequent targets of DDoS attacks, as are companies with a large public profiles that may prove susceptible to blackmail or ransom. Existing companies of all kinds have a vested interest in engaging in meaningful security measures to help mitigate the increasing cost and frequency of denial of service attacks. Organizations have been taking action to increase their overall security with a continued emphasis on security information and event management (SIEM) and improved firewalls.

Improving Future Security

According to Arbornetworks, investment in security continues to improve markedly. This is evidenced by a laudable improvement in advanced persistent threat detection time which only two years ago took an average of nine months, compromise-to-discovery, to as many as one-third of respondents having been able to reduce detection time to under one-week, and more than half discovering breaches in under a month. Even so, DDoS attacks remain the number one concern going forward and will require more education and resources to combat.

With DDoS tools becoming more sophisticated, user-friendly, and more easily available across hacker forums and the dark web, organizations must continue to move forward diligently to protect themselves from attack and mitigate losses. To learn how to become a part of preventing future attacks, click here.

Author: Jeffery Sabranek