Feb 22 2022

Why DDoS is still a major attack vector and how to protect against it

Category: DDoSDISC @ 9:51 pm

What is a DDoS attack?

Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks aren’t new cyberattack vectors; They go all the way back to the early 1970s when modern commercial and enterprise networks emerged.

DDoS is a cyberattack in which the adversary seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to a network. It doesn’t peruse any private data or get control over the target’s infrastructure; it just aims to bring the service down.

In today’s world, specifically with COVID, which accelerated organizations’ digital transformation, web presence is a must for just about any business. In this environment, DDoS attacks can be very destructive.

Main ingredients of DDoS attacks

Ingredient # 1 – Botnet

A botnet is a group of infected, compromised machines with malware controlled by malicious software without the knowledge of the machine owner. It ranges from ordinary home or office PCs to IoT devices. Compromised machines called bots or ‘zombies’ are used to launch DDoS attacks, spread SPAM, or perform other malicious activities orchestrated by the attacker.

One of the most infamous Botnets is ‘Mirai,’ which used hundreds of thousands of hijacked IoT devices. The creators of the Mirai botnet, Josiah White, Paras Jha, and Dalton Norman, who were all between 18 and 20 years old when they built Mirai, managed to hijack IoT devices by scanning the Internet for vulnerable IoT devices with factory-set usernames and passwords, log into them, and infect them with the Mirai malware.

The Mirai botnet was used in multiple DDoS attacks between 2014 and 2016 and, when the creators felt the heat coming from the authorities, they published the Mirai source code in a Hackers’ forum in an attempt to cover their tracks. All three were eventually indicted, plead guilty, and are now fighting crime with the FBI. Amazing how life turns out.

Just like we have COVID variants and mutations, Mirai also evolved and its source code mutations have been used in the wild by hackers. Okiru, Satori/Fbot, Masuta, Moobot, and more than 60 other Mirai variants are out there.

Ingredient # 2 – Command and Control

Star topology of a DDoS attack

DDoS Protection 

Tags: DDoS Protection, major attack vector