Question

DDoS (Distributed Denial of Service) attacks are a major concern in today's Internet security.

  • 21 March 2023
  • 4 replies
  • 46 views

Userlevel 6
Badge +2

Google's Threat Analysis Group (TAG) published a blog update on October 16, 2020, outlining how threats and threat actors are adapting their strategies in light. Similarly GitHub, was hit with a DDoS attack that clocked in at 1.35 terabits per second and lasted for roughly 20 minutes. According to GitHub, the traffic was traced back to “over a thousand different autonomous systems (ASNs) across tens of thousands of unique endpoints.”

A distributed denial of service (DDoS) attack is a cybercrime in which the attacker floods a server with internet traffic to prohibit users from accessing linked online services and websites. It is a brute-force attempt to slow down or fully crash a server. https://portswigger.net/daily-swig/ddos

I came across similar news and experiences while working with a travel company, where they experienced website downtime, which affected their SEO and increased website vulnerabilities, which harmed the company's commercial as well. As a result, they took too long to resolve, where they improved the web-server configuration, relocated all business-critical applications, and disabled any unnecessary or unfamiliar network services.


What are your concerns about DDoS?
Don't let your experiences go unheard, share them if you have any.

 

 


4 replies

Userlevel 7
Badge +2

Google's Threat Analysis Group (TAG) published a blog update on October 16, 2020, outlining how threats and threat actors are adapting their strategies in light. Similarly GitHub, was hit with a DDoS attack that clocked in at 1.35 terabits per second and lasted for roughly 20 minutes. According to GitHub, the traffic was traced back to “over a thousand different autonomous systems (ASNs) across tens of thousands of unique endpoints.”

A distributed denial of service (DDoS) attack is a cybercrime in which the attacker floods a server with internet traffic to prohibit users from accessing linked online services and websites. It is a brute-force attempt to slow down or fully crash a server. https://portswigger.net/daily-swig/ddos

I came across similar news and experiences while working with a travel company, where they experienced website downtime, which affected their SEO and increased website vulnerabilities, which harmed the company's commercial as well. As a result, they took too long to resolve, where they improved the web-server configuration, relocated all business-critical applications, and disabled any unnecessary or unfamiliar network services.


What are your concerns about DDoS?
Don't let your experiences go unheard, share them if you have any.

 

 

I don't have personal experiences to share, but I can discuss some concerns about DDoS attacks based on the information available.

DDoS attacks can cause significant harm to online businesses by disrupting their online services, leading to financial losses, and damaging their reputation. Moreover, the attacks can be used as a smokescreen to carry out other cyberattacks, such as data theft, while the company is busy mitigating the DDoS attack.

Another concern is the scale of DDoS attacks. As the GitHub incident you mentioned, DDoS attacks can generate a massive volume of traffic, making them difficult to mitigate, even for well-prepared organizations. This can lead to prolonged downtime, which can negatively affect a company's reputation and customer trust.

DDoS attacks can also be launched by anyone with access to a botnet or a network of compromised devices, making them a relatively low-cost attack method compared to other cyberattacks. This makes it easier for threat actors to cause harm to online businesses and even governments.

Overall, DDoS attacks are a significant threat to online businesses and organizations. Proper preparation and mitigation strategies are necessary to minimize the potential damage caused by these attacks.

 

 

In Q1 2021, there were 2.9 million DDoS attacks, up 31% from the corresponding period in 2020, according to InfoSecurity Magazine.

DDoS attacks, which have rendered firms largely inoperable in recent years, have increased exponentially.

AWS (Amazon Web Services) was the victim of a DDoS attack in February 2020 that was so sophisticated that it kept AWS's incident response teams busy for many days while also having an effect on customers all around the world.

The EXMO cryptocurrency exchange was the target of a DDoS attack in February 2021, which kept it inaccessible for about five hours.

Australia recently suffered from a significant, ongoing, state-sponsored DDoS onslaught.

A DDoS attack that targeted the government, police, and universities of Belgium also made Belgium a victim.

Every day, tens of thousands of successful DDoS attacks go unreported and nameless. In actuality, the most successful and expensive attacks are these ones.

Userlevel 4
Badge +3

Google's Threat Analysis Group (TAG) published a blog update on October 16, 2020, outlining how threats and threat actors are adapting their strategies in light. Similarly GitHub, was hit with a DDoS attack that clocked in at 1.35 terabits per second and lasted for roughly 20 minutes. According to GitHub, the traffic was traced back to “over a thousand different autonomous systems (ASNs) across tens of thousands of unique endpoints.”

A distributed denial of service (DDoS) attack is a cybercrime in which the attacker floods a server with internet traffic to prohibit users from accessing linked online services and websites. It is a brute-force attempt to slow down or fully crash a server. https://portswigger.net/daily-swig/ddos

I came across similar news and experiences while working with a travel company, where they experienced website downtime, which affected their SEO and increased website vulnerabilities, which harmed the company's commercial as well. As a result, they took too long to resolve, where they improved the web-server configuration, relocated all business-critical applications, and disabled any unnecessary or unfamiliar network services.


What are your concerns about DDoS?
Don't let your experiences go unheard, share them if you have any.

 

 

I want to share a recent Article that stated that Shell Bot DDoS malware targets poorly managed Linux servers. A recent campaign that uses various varieties of the virus named ‘ShellBot’ also known as PerlBot, targets poorly maintained Linux SSH servers.

The development also comes as Microsoft revealed a gradual increase in the number of DDoS attacks targeting healthcare organizations hosted in Azure, surging from 10–20 attacks in November 2022 to 40–60 attacks daily in February 2023.

 

 

DDoS attacks have been hitting the headlines with increasing frequency over the last few months. COVID-19 pandemic causing the most significant increase in DDoS attacks ever. They are a favored strategy of hacktivists, extortionists, and online criminals hoping to create a distraction. 2020 was the year of the DDoS attack. Distributed Denial of Service (DDoS) attacks spiked over the last year, driven by the pandemic and the fact that so many people were locked down, working from home, and using online services to get through the pandemic.

 

According to a report more than 10 million DDoS attacks were launched last year, targeting many of the remote and essential services people were using to make it through the lockdown. Healthcare, remote learning, ecommerce, and streaming services were all hit hard by DDoS attacks, which often interrupted business operations or caused some businesses to fall victim to extortion by the criminal behind the attack. Many types of threat actors, ranging from individual criminal hackers to organized crime rings and government agencies, carry out DDoS attacks.

https://securityscorecard.com/blog/best-practices-to-prevent-ddos-attacks/


 

Reply