News Ticker

DDoS Attacks Go From Nuisance To A Possible New Form Of Global Warfare

Protections against DDoS are about as useful as these umbrellas. PHOTO: Quartz/Reuters/File photo

By Joon Ian Wong | 13 December 2016

QUARTZ — In September 1996 an internet service provider (ISP) in New York was taken down by a flood of traffic. Computers elsewhere on the internet, controlled by hackers, were sending it up to 150 connection requests every second, far more than it could handle. It was the internet’s first major distributed denial-of-service, or DDoS, attack.

“In principle, most of the denial-of-service attacks we see have no solution,” a security expert, Peter Neumann of SRI International, told the New York Times at the time. “The generic problem is basically unsolvable.”

It still is. Twenty years on, DDoS attacks have increased exponentially in size, and vast swathes of the internet remain vulnerable. Experts say the proliferation of new but vulnerable connected devices, such as thermostats and security cameras, as well as the architecture of the internet itself, mean DDoS attacks will be with us for the foreseeable future. And rather than a mere annoyance that takes your favorite websites offline, they are starting to become a serious threat.

The attacks are also getting more intense. A string of them in September and October, which set records in terms of the volume of traffic (in gigabits per second, or Gbps) in each attack, proved that DDoS can overwhelm the internet’s best defenses. Among those they took down or threatened were a hosting service, a domain-name services provider (whose clients, including Twitter and Spotify, thus became inaccessible across entire regions of the US), a major content-delivery network, and the internet’s best-known blogger on security matters, Brian Krebs.

These are the most powerful DDoS attacks each year, by Arbor Networks’ count.

The September and October attacks are thought to have been carried out using Mirai, a piece of malware that allows hackers to hijack internet-connected devices such as security cameras. These are often sold with weak default passwords that their users don’t bother (or know how) to change. Mirai tracks them down, takes them over, and incorporates them into a “botnet” that launches DDoS attacks as well as finding and infecting other devices. […]

Be Sociable, Share!