Distributed denial of service (DDoS) attacks are a force to be reckoned with. The problems they present have only gotten worse, and the situation certainly will not improve any time soon as the market continues to add internet-enabled devices. Do we need internet-enabled toasters? How about pacemakers? What could possibly go wrong?
Freedom or exposure?
The ability to utilize and weaponize internet-exposed devices and applications against targets is not new, and there have been many articles, advisories and stories published about it. From hacktivists to nation states, DDoS attacks have proven wrong the many people who ignored them or thought they were ‘lame’. DDoS has its science and art, and a well-coordinated attack can put organizations, and even countries, under serious pressure. The writer of this blog witnessed it during the 2013 operation ‘Ababil’ against American banks.
Malicious actors will research, probe and exploit every possible internet-exposed device (among other things) because DDoS can be very profitable, and even more profitable if combined with crypto mining. Botnets such as Mirai, Reaper and, more recently, VPNFilter clearly indicate that the capabilities are in place and a possible internet-disrupting attack may happen soon.
Many notable malicious campaigns are accompanied by DDoS attacks as cloak and dagger. DDoS is not only very profitable but also gives bad actors powerful leverage. It is very clear that the internet has been built on DDoS-friendly technology (i.e., UDP), and the market is just adding more fuel to the fire via billions of IoT devices. The recent increase in DDoS attack sizes clearly indicates that 1TB-plus attacks will become very frequent now and even get worse.
Whether volumetric or application based, DDoS attacks can be very effective, and standard/default protections of almost every internet-enabled device cannot defend against a basic DDoS attack. ISPs do not want to deal with them, and governments do not know how to address them without limiting free enterprise and speech. As long as there are illnesses, humans will need medicine, and as long as there is an internet, there will be DDoS attacks.
A recently discovered DDoS attack vector, “Memcached”, is reviewed by the JASK research team in Threat Advisory 10, which explains indicators, technical details and mitigation procedures against the “Memcached” attack vector.