Saturday, October 16, 2021

The Growing Threat of DDoS Attacks and Defending Against Them

Must Read

DOD’s weapons programs do not have clear cybersecurity guidelines: GAO

The U.S. Defense Department struggles to outline cybersecurity requirements in contracts for weapon systems, though the agency made important...

US Senate Approves New Deepfake Bill

The US bill must now pass through the House of Representatives.US legislation mandating government study to deepfakes took a...

OAIC: Uber found to have interfered with the privacy of over 1.2 million Australians

The Office of the Australian Information Commissioner (OAIC) has determined that Uber Technologies, Inc. and Uber B.V. have interfered...

The incidence and sophistication of distributed denial of service (DDoS) attacks have increased significantly this season, and this tendency has been discussed during a panel session in the Akamai Edge Live virtual convention.

Roger Barranco, VP, international services in Akamai, firstly highlighted this season was”record-breaking” to DDoS efforts: “Not only did we see substantial strikes, we saw some intriguing campaigns,” he noticed.

The panel emphasized why the strategy of DDoS is concurrently appealing to cyber-villains and also a cause of major issues for associations. Lisa Beegle, manager, data protection, Akamai, commented: “It is an outsider’s toolkit staple. It is tried and true, there is no need to reinvent the wheel”

For associations on the receiving end, it is not just draining resources to cope with this type of constant type of assault, but often it contributes to unwanted publicity.

“If you’ve got a DDoS occasion and you’re off and down the world wide web, you’re likely to wind up on the information,” observed Matthew Mosher, regional sales manager at Akamai.

The main reason behind the upswing in DDoS efforts has been the abrupt change to distant working that lots of organizations have needed to undertake as a result of COVID-19, based on Beegle. The lack of preparedness for such a situation has made companies additionally vulnerable to this strategy.

Additionally, you will find far more threat actors today who have more time in their hands, allowing them to”perform their due diligence so that they’re in a position to ease pivot and activity as they want to.”

She added: “I believe it has become far more competitive and I do think the condition of earth is partly to blame for this.”

Furthermore, the size of strikes has been a prominent feature in 2020. Barranco said: “There’s been a 2.4 Terabit size assault on the market and we managed the world’s biggest packet-per-second assault at 809 packets-per-second this season.”

Akamai has also observed a specially powerful worldwide extortion effort this season, with Barranco discovering it exceptional in how it concentrated on verticals, moving from 1 sector to another, covering important businesses like finance, pharma as well as airways.

“The aggressiveness where they were moving after a broad breadth of things to assault was remarkable, and it had been coordinated since they had been performing it in bulk, a vertical at one time,” he remarked.

The manner that cyber-criminals leverage DDoS attacks on associations are also becoming more and more sophisticated, especially concerning their highly concentrated nature.

From the aforementioned global extortion effort, the strikes were concentrated on particular IP ranges. So there was a good quantity of reconnaissance performed upfront until they proceeded and found those strikes.”

To guard against this increasing threat of DDoS attacks, the panel concurred that while the rising use of automation is to be welcomed, the individual component should stay paramount.

Barranco mentioned: “You need to get a strong human component in addition to this because at the end of the day, you are fighting a person being regularly that is blowing off a bot and they’re changing all of the time, so when they visit that you place a good defense set up, they will change somehow to bypass that.”

In general, for associations to satisfactorily safeguard themselves in this present environment, Beegle informed: “Know your surroundings, know that the players are as it pertains to the various entities within the surroundings, understand what your security position is from finishing, communicate internally in addition to externally and do whatever you can to instruct the people in your business as to these possible dangers.”

Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc' Priyanshu Vijayvargiya is a cybersecurity analyst, Information Security professional, developer, and a white hat hacker.

Leave a reply

Please enter your comment!
Please enter your name here

Latest News

Unified endpoint management automation software to boost endpoint security

Endpoints are constantly connected to the internet, so they offer a gateway for cyberattacks. Endpoint security is simply the process...

Attackers Using Morse Code in phishing campaign to Evade Detection

Microsoft on Thursday revealed the techniques used by attackers to avoid detection using morse code in the phishing campaign.Microsoft also revealed the workings of...

Murata Manufacturing suffers data breach of employees and customer

Japanese electronic components manufacturer Murata has released an apology Notice for the data breach of thousands of files in June that contained bank account...

Everything about Signalling System 7(SS7)

Signaling System 7 (SS7) is an international telecommunication protocol standard that controls and regulates the network elements in a public switched telephone network (PSTN)....

Zimbra flaw lets attackers access the mail servers

Researchers discovered a flaw in the open-source Zimbra code. As a result, an attacker would gain unrestricted access to all sent and received emails...

More Articles Like This