DDoS – Distributed Denial of Services are kinds of DOS attacks that are carried out by multiple compromised systems, infected with Trojan virus mostly, on a single system. DDoS attacks are double-edged knives as they are also adversely affecting the systems hackers are using to attack the victim system. (Beal) In DDoS, the traffic of malicious attack comes from various sources, sometimes from hundreds and thousands of origins. It is, therefore, impossible to handle such attack by just blocking a single IP address. (Beal) This makes it all the more dangerous and damaging to your online presence as an individual and as a company.
Presence of DDoS since 2000 is in itself a testimonial to its deep rooted status in our online lives, all the more reason to take the threat seriously. As the number of online devices is increasing by the day, especially after the introduction of IoTs, the threat just got real and more deadly than ever before, begging our immediate attention to the pressing problem of DDoS. (Birtstone, 2016) 2017 should expect more attacks to come its way and we should brace ourselves for more deadly attacks, unless we prepare to thwart the attacks.
Internet of Things: DDoS Attacks Carriers
Internet of Things or IoTs is the most flourishing section of technology in recent times and all the more vulnerable to malicious attacks, most probably by DDOS. Mirai, pillaged through Liberia and across much of the web by engulfing DVRs and using them for carrying out the malicious intent. (Birtstone, 2016) Routers and DVRs are mostly targeted by the malware attack. IoT Botnets, the main targets are made out of compromised PCs traditionally but the main reason of attacks are the faulty security system of the IoTs that make them easy target of Hackers who find them easy and trending targets these days and have built huge IoT Botnets for the purpose. (Staff, 2017) Mirai not only crashed a few individual websites, but also affected Internet connectivity around the world which clearly shows the scale of damage it can induce. (Staff, 2017) With large scale of IoTs and their unlimited expansion, it is only a matter of time that they get attacked by DDoS; so if you are planning to install security measures to prevent them, the time is now.
According to Forrester Research, 2017 will see more compromises in IoTs, which could get 500,000 IoT devices to suffer from single compromise. Security breach at one end could trigger a chain reaction of damage done to multitude of websites and connections around the cyber world. (Birtstone, 2016)
Reincarnation of WannaCry Ransomware
WannaCry Ransomware was responsible for crashing various systems around 150 countries ranging from healthcare to transportation until a glitch in its code helped shut it down. Now a few hackers are bent on using DDoS along with WannaCry to carry out a more strong attack. Using Mirai Botnet model, they’re trying to attack WannaCry kill-switch to revive the original Ransomware and use it for their own malicious intent. (Greenberg, 2017)
DDoS Attacks are here to Stay
The coming years will see more volume of data being swallowed by these malicious attacks that have long lasting effects on political and economic landscape around the world. New attack techniques like using Lightweight Directory Access Protocol LDAP can augment DDoS attacks 55 times. Not changing passwords regularly can cause irreparable damages due to such attacks and out-dated firmware is always vulnerable to such malicious outbreaks. DDoS attacks are going to grow in volume and the cost of mitigation services will increase correspondingly. (Birtstone, 2016)
DDoS attacks being carried out in distributed manner, sometimes from thousands of sources, makes it all the more difficult to tackle and counter but it is not impossible. Following measures are considered useful to counter these attacks.
- Considering recent DDoS attacks using IoTs, manufacturers are being encouraged to build an Internet device with security controls before they are issued. (Larson, 2016)
- ISPs have an important role to play in safeguarding their customers’ interests. They can reduce the volume of DDoS attacks across their networks by using systems that can detect the infected bots that are being used for DDoS attacks and remove them from the system. They can adopt ingress filtering to remove the problem of spoofed IP addresses that are mostly used in reflection DDoS attacks. (Larson, 2016)
The DDoS attacks are real and here for good as the number of devices linked with Internet and the amount of data transmitting through it, is increasing in volume. The need of the hour is to increase vigilance with the same rate or attacks like Mirai will be considered nothing as compared to the kind of damage it can cause to systems around the world in future.
Beal, V. (n.d.). DDoS attack – Distributed Denial of System. Retrieved August 07, 2017, from Webopedia: http://www.webopedia.com/TERM/D/DDoS_attack.html
Birtstone, R. (2016, December 16). DDoS in 2017: Strap yourself in for a bumpy ride. Retrieved August 07, 2017, from The Register: https://www.theregister.co.uk/2016/12/16/ddos_in_2017_strap_yourself_in_for_a_bumpy_ride/
Greenberg, A. (2017, May 19). Hackers are Trying to Reingnite Wannacry with non-stop Botnet Attacks. Retrieved August 07, 2017, from Wired: https://www.wired.com/2017/05/wannacry-ransomware-ddos-attack/
Larson, D. (2016, December 14). DDoS Attacks Predictions for 2017. Retrieved August 07, 2017, from Corero: https://www.corero.com/blog/785-ddos-attack-predictions-for-2017.html
Staff, W. (2017, February 01). The Biggest Security Threats Coming in 2017. Retrieved August 07, 2017, from Wired: https://www.wired.com/2017/01/biggest-security-threats-coming-2017/