informa
/
Attacks/Breaches
News

DDoS Attack Doesn't Spell Internet Doom: 7 Facts

Despite a record-setting DDoS attack against anti-spam group Spamhaus, the Internet remains alive and well. Let's break down the key facts.
5. Why DDoS Size Doesn't Always Matter.

Still, the DDoS attacks launched against Spamhaus suggest that with a bit of effort, attack volumes -- which on average have remained stagnant in recent years, or even decreased -- can be increased in size. "Arbor has been monitoring DDoS for more than a dozen years and we've seen attack size peaking at around 100 Gbps in recent years," said Dan Holden, director of Arbor Network's security engineering and response team, in an email.

But DDoS attack size need not matter, because DDoS attackers -- supported by free attack toolkits -- have found effective ways to disrupt websites that don't require launching massive quantities of packets. Instead, they can simply target choke points, for example by launching application-layer attacks.

Such attacks can be just as effective as high-volume attacks. For example, the largest DDoS attack in 2012 peaked at just 60 Gbps, in a year that was filled with DDoS disruptions.

6. At Whatever Volume, DDoS Attacks Are Hard To Stop.

The end result, of course, is still website disruptions. "The attack on Spamhaus, and their upstream security and Internet providers, is yet another example of how DDoS has become the de facto weapon of choice for cyber-activists, cyber-criminals, business competitors and others," said Marty Meyer, president of Corero Network Security, in an email. "Unfortunately, the shared infrastructure that is the Internet can be vulnerable to this type of attack on the DNS system. It illustrates the collateral damage that can be felt by individuals trying to access sites and businesses like Netflix" -- which reportedly saw its service slow down as a result of the Spamhaus DDoS attacks -- "for whom the Web is the cornerstone of their business," he said.

The DDoS attack against Spamhaus also brought predictable dystopian hand-wringing from security vendors envisioning the potential evolution in online threats. "It also raises a worrying red flag that if an organization like CyberBunker could allegedly unleash this much damage, could a cyber-terrorist or state sponsored attacker use similar tactics to disrupt the communication and business channels of its enemies that rely on the Internet?" said Meyer.

7. Easy DDoS Attacks Support Online Grudges.

Case in point: the group calling itself the al-Qassam Cyber Fighters, which has been waging six-month-long DDoS attack campaign against U.S. banking websites under the banner of "Operation Ababil." Although the group claims to be a cross-border band of Muslim hacktivists incensed over the July 2012 posting to YouTube of a film that mocks the founder of Islam, multiple U.S. government officials have accused it of being an Iranian government front.

Regardless, the group continues to prove itself adept at preventing customers from reaching U.S. banking websites, either by disrupting targeted websites, or leading targeted websites to employ defenses that block some legitimate traffic from reaching their sites. No 300-Gbps attack volume required.

Attend Interop Las Vegas, May 6-10, and learn the emerging trends in information risk management and security. Use Priority Code MPIWK by April 29 to save an additional $200 off All Access and Conference Passes. Join us in Las Vegas for access to 125+ workshops and conference classes, 300+ exhibiting companies, and the latest technology. Register for Interop today!

Recommended Reading:
Editors' Choice
Kirsten Powell, Senior Manager for Security & Risk Management at Adobe
Joshua Goldfarb, Director of Product Management at F5