Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

It's time to research new ways to fight DDoS attacks

David Geer | April 7, 2015
Research shows a majority of enterprises leave DDoS protection to network-servicer providers, web-hosting services or internal resources. But these aren’t the only options for shielding your organization.

Almost 1-in-5 (18-percent) of businesses experienced a distributed denial-of-service attack within a year-long timeframe, according to the Global IT Security Risks Survey 2014--Distributed Denial of Service (DDoS) Attacks from Kaspersky Labs and B2B International. The data applies to the period from April 2013 to May 2014. The survey's 3,900 respondents represented very small to very large companies from 27 countries.

According to the same survey, on average, 61 percent of businesses felt it was the responsibility of their own IT departments and management teams to defend them against DDoS attacks. Twenty-one percent of those surveyed believed it was the responsibility of their network service provider or their website/hosting provider to protect them from the threat of Distributed Denial of Service.

"Large businesses were much more likely to rely on internal resources, whereas small businesses were more likely to expect help from these external service providers," the Kaspersky / B2B International survey said. But none of these entities, neither NSPs, web hosts, IT departments, nor enterprise management teams are necessarily equipped to mitigate DDoS attacks.

Damages per DDoS incident range up to $444,000, according to the survey data. It will surely pay enterprises to adjust their assumptions about who should fight DDoS attacks and to take other action.

This couldn't be more true given that criminal hackers are already weaponizing IoT devices to add them to the botnets they use to launch these attacks, making the onslaught of DDoS larger and more complex. Case in point, the hacker group known as the Lizard Squad used a botnet of personal home routers to launch a DDoS attack on both the PlayStation Network and Xbox Live, according to Dave Larson, CTO, Corero Network Security. 

With a current installed base of active wireless connected devices exceeding 16 billion last year and projected to reach 40.9 billion by 2020, according to ABI Research, the number of devices certainly warrants sounding the alarm on the potential size of IoT enabled DDoS botnets.

How big is the threat posed by DDoS attacks that use botnets that include IoT devices? Are NSPs, webhosts, and internal resources enough to combat these attacks?

The threat of DDoS with IoT botnets
DDoS attacks have grown in size and complexity as hackers add IoT devices to the machines they already incorporate into their botnets. IoT device fleets give criminal hackers access to virtually unlimited botnet armies.

Hackers are using rootkits with weaponized payloads to infect embedded Linux on IoT devices such as cell phones, thermostats, and smart appliances, which vendors have equipped with ARM processors. Due to the sheer numbers of IoT devices out there, 16-billion per the aforementioned ABI Research data, these botnets could grow to many times the size of legacy botnets.

 

1  2  3  Next Page 

Sign up for CIO Asia eNewsletters.