Thursday 06 March, 2014
February 2014 saw what security pundits are calling the biggest Distributed Denial of Service attack ever. This attack, which mostly targeted European websites, took advantage of a flaw in the internet’s infrastructure, once again breaking new ground in DDoS attacks.
The attack hit Europe’s CloudFlare data centers with around 400 gigabytes per second of data at its peak. This is 100 gigabytes more than the biggest attack to date, last year’s attack on Spamhaus. The attack initially started with one of CloudFlare’s customers and then spread from there. CloudFlare hasn’t revealed who this customer is.
Ugly Things to Come
Hackers pulled off the attack by taking advantage of a flaw in the internet’s Network Time Protocol (NTP). NTP is used to set clocks for online servers. The attackers abused NTP’s synchronization traffic, which is carried over the User Datagram Protocol (UDP), to send vast amounts of data and bring down the system.
What makes this attack unique is that hackers didn’t just flood the networks with data, but actually took advantage of a weakness in the internet’s infrastructure itself. It shows that the internet is still highly vulnerable to debilitating attacks. In a tweet about the attack, CloudFlare CEO Matthew Prince called it the ‘Start of ugly things to come.’
While the search is on for the attackers, it is very difficult to identify the perpetrators in this kind of DDoS attack. The reason is that the attack is often kicked off by spoofed requests. Jamming the network with so many fake requests makes it hard to find the real request that started the attack.
Security experts say that the attack does not appear to be political in nature, but more likely commercial. The attackers wanted to interrupt business and hurt companies.
A Growing Threat
Distributed Denial of Service is a favorite hacking method. It basically floods a system with so much data that the network denies service. The massive amount of traffic blocks the network, shutting it down. A DDoS attack usually targets a high-profile web server such as a bank or payment processor. In the case of this attack, it hit a major web hosting company.
While a DDoS attack doesn’t cause permanent damage or install malware, its effects can still be extremely harmful. Even if an attack is short, the time it shuts down networks and websites can be very damaging to companies that rely on 24/7 sales. DDoS attacks can also be perpetrated for political reasons, shutting down government websites or restricting media communication between people on the internet.
This attack is part of an alarming trend in which DDoS attacks have grown increasingly large in recent years. A few years ago, an attack of 200 gigabytes per second was considered nearly apocalyptic. As DDoS attacks grow in size, they can wreak much more havoc.