Distributed Denial of Service (DDoS) attacks are becoming an ever bigger problem on the Internet. DDoS attacks send so much traffic to a web server that the victim’s Internet connection or web server cannot handle it all, and their website becomes inaccessible to legitimate traffic: a “denial of service.” We have posted about DDoS attacks a few times in this blog, but it has been over a year since our last post. Several companies have just released statistics for the final quarter of 2015, showing huge growth in this type of attack. If you think that public libraries are never targeted, think again. The OPLIN network is constantly being probed and beset in many ways; we stop thousands of potential attacks every day.
- DDoS attacks: Getting bigger and more dangerous all the time (ZDNet | Danny Palmer) “Indeed, it was companies which provide IT, cloud, and software services which are currently most targeted, with 32 percent of DDoS attacks made against this sector. However, the number of DDoS incidents media and entertainment providers wasn’t far behind, with 30 percent of attacks made against organisations in this industry. Attacks against the financial sector made up 15 percent of incidents, the public sector accounts for 10 percent and while the biggest DDoS event was recorded against the telecommunications industry, this sector accounts for only 8 percent of DDoS attacks.”
- Estimating the revenue of a Russian DDoS booter (Arbor Networks blog | Dennis Schwarz) “As we see in Arbor’s most recent Worldwide Infrastructure Security Report (WISR), the average cost to the victim of a DDoS attack is around $500 per minute. And as we’ve seen above, the mean cost to the attacker is only $66 per attack. This finding highlights both the extreme asymmetry of the economics of DDoS attackers vs. those of the victims of DDoS attacks, as well as the importance of robust DDoS defenses to all organizations which depend upon their online presence for revenue, customer support, and other important business functions. The cost to launch a DDoS attack is so low that the barrier to entry for attackers is practically nil – and that means that *any* organization can potentially be the target of a DDoS attack, since the investment required to launch an attack is so low.”
- DDoS attacks are soaring, says new report (Naked Security | Bill Camarda) “Like so much else these days, these sites are subscription-based; Akamai notes that they usually limit attack length, unlike old-fashioned DDoS attacks that lasted until ‘the attack was mitigated, the malicious actor gave up, or the botnet was taken down.’ Yet another example of how the cloud makes things easy: why build and operate your own botnet if you can just hire someone else’s for long enough to cause havoc?”
- Building a brand-new Internet (TechCrunch | Menny Barzilay) “Unless this changes, there may come a day in which it is no longer deemed cost-effective, business-wise, to introduce new services on the Internet. Incremental security changes will not work. We need disruptive innovation in the world of cybersecurity. A paradigm shift — something that will change dramatically the way things work. We want a solution that will have a significant positive effect, similar to the one created by the invention of the car, smartphone or time travel.”
Articles from Ohio Web Library:
- DDoS is the most common method of cyber attack on financial institutions. (Computer Weekly, 2/9/2016, p.4-6 | Warwick Ashford)
- Defence against SYN — flooding attack. (International Journal of Multidisciplinary Approach & Studies, Sep.-Oct.2015, p.114-123 | R. Saranya and N. Prathap)
- How to survive a cyberattack. (T H E Journal, May 2014, p.7-9 | Phil Hardin)
