Thursday 06 March, 2014

Stay Secure Online – How the Latest DDoS Attack Set a New Record

February 2014 saw what security pundits are calling the biggest Distributed Denial of Service attack ever. This attack, which mostly targeted European websites, took advantage of a flaw in the internet’s infrastructure, once again breaking new ground in DDoS attacks.

The attack hit Europe’s CloudFlare data centers with around 400 gigabytes per second of data at its peak. This is 100 gigabytes more than the biggest attack to date, last year’s attack on Spamhaus. The attack initially started with one of CloudFlare’s customers and then spread from there. CloudFlare hasn’t revealed who this customer is.

Ugly Things to Come

Hackers pulled off the attack by taking advantage of a flaw in the internet’s Network Time Protocol. The NTP is used to set clocks for online servers. The attackers used synchronization attacks in the User Datagram Protocol to send vast amounts of data and bring down the system.

What makes this attack unique is that hackers didn’t just flood the networks with data, but actually took advantage of a weakness in the internet’s infrastructure itself. It shows that the internet is still highly vulnerable to debilitating attacks. In a tweet about the attack, CloudFlare CEO Matthew Price called it the ‘Start of ugly things to come.’

Spoof Requests

While the search is on for the attackers, it is very difficult to identify the perpetrators in this kind of DDoS attack. The reason is that the attack is often kicked off by spoof requests. Jamming the network with so many fake requests makes it hard to find the real request that started the attack.

Security experts say that the attack does not appear to be political in nature, but more likely commercial. The attackers wanted to interrupt business and hurt companies.

A Growing Threat

The Distributed Denial of Service is a favorite hacking method. It basically floods a system with so much data that the network denies service. The massive amount of traffic blocks the network, shutting it down. A DDoS attack usually targets a high profile web server such as a bank or payment processor. In the case of this attack, it hit a major web hosting company.

While a DDoS attack doesn’t cause permanent damage or install malware, its effects can still be extremely harmful. Even if an attack is short, the time it shuts down networks and websites can be very damaging to companies that rely on 24/7 sales. DDoS attacks can also be perpetrated for political reasons, shutting down government websites or restricting media communication between people on the internet.

This attack is part of an alarming trend where DDoS attacks have become increasingly larger in recent years. A few years ago, an attack of 200 gigabytes per second was considered nearly apocalyptic. As DDoS attacks grow in size, they can wreak much more havoc.

Bob Steele

Bob Steele is an entrepreneur, software developer, marketer, and author living in the Denver metropolitan area. He’s an avid outdoorsman who loves skiing, hiking, fishing, boating, and just plain having fun. His interests include games, space, technology, physics, cooking (well eating actually), economics, business, internationalism, and team sports. With over thirty years of professional consulting experience, Bob has been exposed to many diverse business models and has gained a sensible approach to life. Bob’s company, WaveCentric is focused on commerce, marketing, and entertainment related products.

More Posts - Website

Comments Off on Stay Secure Online – How the Latest DDoS Attack Set a New Record   Posted In: Mobile Computing   |    Written By: Bob Steele