{"id":1794,"date":"2013-04-18T12:10:49","date_gmt":"2013-04-18T16:10:49","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=1794"},"modified":"2013-04-18T12:10:49","modified_gmt":"2013-04-18T16:10:49","slug":"fueled-by-super-botnets-ddos-attacks-grow-meaner-and-ever-more-powerful","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2013\/04\/18\/fueled-by-super-botnets-ddos-attacks-grow-meaner-and-ever-more-powerful\/","title":{"rendered":"Fueled by super botnets, DDoS attacks grow meaner and ever-more powerful"},"content":{"rendered":"

Coordinated attacks used to knock websites offline grew meaner and more powerful in the past three months, with an eight-fold increase in the average amount of junk traffic used to take sites down, according to a company that helps customers weather the so-called distributed denial-of-service campaigns.
\nThe average amount of bandwidth used in DDoS attacks mushroomed to an astounding 48.25 gigabits per second in the first quarter, with peaks as high as 130 Gbps, according to Hollywood, Florida-based Prolexic. During the same period last year, bandwidth in the average attack was 6.1 Gbps and in the fourth quarter of last year it was 5.9 Gbps. The average duration of attacks also grew to 34.5 hours, compared with 28.5 hours last year and 32.2 hours during the fourth quarter of 2012. Earlier this month, Prolexic engineers saw an attack that exceeded 160 Gbps, and officials said they wouldn’t be surprised if peaks break the 200 Gbps threshold by the end of June.
\nThe spikes are brought on by new attack techniques that Ars first chronicled in October. Rather than using compromised PCs in homes and small offices to flood websites with torrents of traffic, attackers are relying on Web servers, which often have orders of magnitude more bandwidth at their disposal. As Ars reported last week, an ongoing attack on servers running the WordPress blogging application is actively seeking new recruits that can also be harnessed to form never-before-seen botnets to bring still more firepower.
\nAlso fueling the large-scale assaults are well-financed attackers who are increasingly able to coordinate with fellow crime organizations, Prolexic officials wrote in quarterly global DDoS report published Wednesday.
\n“These types of attack campaigns appear to be here to stay as a staple on the global threatscape,” they wrote. “Orchestration of such large attack campaigns can only be achieved by having access to significant resources. These resources include manpower, technical skills and an organized chain of command.”
\nThe most prominent target of DDoS attacks over the past six months has been the nation’s largest banks, which at times have become completely unreachable following above average floods of traffic. Most of the assaults were preceded by online posts that showed the writer had foreknowledge of what was about to happen. The posts were penned by self-proclaimed members of Izz ad-Din al-Qassam Brigades, the military wing of the Hamas organization in the Palestinian Territories, and said the attacks were in retaliation for videos posted to YouTube that were insulting to Muslims. The Prolexic report cast doubt on some of that narrative.
\nProlexic “believes these attacks go beyond common script kiddies as indicated by the harvesting of hosts, coordination, schedules and specifics of the selected attack targets,” the report stated. “These indicators point to motives beyond ideological causes, and the military precision of the attacks hints at the use of global veteran criminals that consist of for-hire digital mercenary groups.”
\nFull Story: Fueled by super botnets, DDoS attacks grow meaner and ever-more powerful | Ars Technica<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"

Coordinated attacks used to knock websites offline grew meaner and more powerful in the past three months, with an eight-fold […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[6,7],"tags":[258,455],"class_list":["post-1794","post","type-post","status-publish","format-standard","hentry","category-networking","category-security","tag-ddos","tag-hacking"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-sW","jetpack-related-posts":[{"id":7924,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/03\/31\/github-still-recovering-from-huge-ddos-attack-that-started-late-last-week\/","url_meta":{"origin":1794,"position":0},"title":"GitHub still recovering from huge DDoS attack that started late last week","author":"NCCT","date":"March 31, 2015","format":false,"excerpt":"Popular coding website GitHub was the target of a huge distributed denial of service (DDoS) attack that started late last week and ran through the better part of the weekend. Security researchers told The Wall Street Journal that the traffic was originally meant for Baidu, China\u2019s most popular search engine.\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":7586,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/02\/06\/sneaky-linux-malware-comes-with-sophisticated-custom-built-rootkit\/","url_meta":{"origin":1794,"position":1},"title":"Sneaky Linux malware comes with sophisticated custom-built rootkit","author":"NCCT","date":"February 6, 2015","format":false,"excerpt":"A malware program designed for Linux systems, including embedded devices with ARM architecture, uses a sophisticated kernel rootkit that\u2019s custom built for each infection. The malware, known as XOR.DDoS, was first spotted in September by security research outfit Malware Must Die. However, it has since evolved and new versions were\u2026","rel":"","context":"In "Linux"","block_context":{"text":"Linux","link":"https:\/\/nccomputertech.com\/techtalk\/category\/linux\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":8385,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/06\/04\/security-breaches-a-monthly-headache-for-firms-deliberate-targeting-on-the-rise-cost-of-cleaning-up-doubles\/","url_meta":{"origin":1794,"position":2},"title":"Security breaches a monthly headache for firms, deliberate targeting on the rise, cost of cleaning up doubles","author":"NCCT","date":"June 4, 2015","format":false,"excerpt":"Image: Wessel du Plooy\/iStock A growing number of companies are being subjected to increasingly sophisticated attacks on their systems, as the cost of recovering from these assaults continues to rocket. According to the 2015 Information Security Breaches Survey report commissioned by the UK government, 90 percent of large organisations reported\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":8270,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/05\/12\/security-breaches-cost-the-us-healthcare-system-6-billion-each-year\/","url_meta":{"origin":1794,"position":3},"title":"Security breaches cost the US healthcare system $6 billion each year","author":"NCCT","date":"May 12, 2015","format":false,"excerpt":"Cyber attacks targeting the US healthcare system now cost the country roughly $6 billion per year. The uptick is directly related to organized crime units shifting their attention from financial firms and large retailers to healthcare providers. According to a report from Bloomberg, attacks against healthcare providers have more than\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":9038,"url":"https:\/\/nccomputertech.com\/techtalk\/2016\/10\/03\/this-week-in-tech-582-whos-capping-who\/","url_meta":{"origin":1794,"position":4},"title":"This Week in Tech 582: Who’s Capping Who?","author":"NCCT","date":"October 3, 2016","format":false,"excerpt":"https:\/\/www.youtube.com\/watch?feature=player_detailpage&v=PySBYqZ9RLk With Leo on Vacation, Becky Worley takes the big chair. We discuss predictions about Google's big event next week, Samsung's exploding washing machines, Elon Musk's plans for getting to Mars, women in tech, who should buy Twitter, and the next wave in DDOS attacks. \u2022On October 4th, Google will\u2026","rel":"","context":"In "Technology"","block_context":{"text":"Technology","link":"https:\/\/nccomputertech.com\/techtalk\/category\/technology\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/PySBYqZ9RLk\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":3106,"url":"https:\/\/nccomputertech.com\/techtalk\/2013\/08\/05\/attackers-reported-seeding-cloud-services-with-malware\/","url_meta":{"origin":1794,"position":5},"title":"Attackers reported seeding cloud services with malware","author":"NCCT","date":"August 5, 2013","format":false,"excerpt":"LAS VEGAS -- Malware writers are ramping up their use of commercial file hosting sites and cloud services to distribute malware programs, security researchers said at this week's Black Hat conference here. Traditionally, malware writers had distributed their malicious code from their own sites. But as security vendors get better\u2026","rel":"","context":"In "Networking"","block_context":{"text":"Networking","link":"https:\/\/nccomputertech.com\/techtalk\/category\/networking\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/1794","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=1794"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/1794\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=1794"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=1794"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=1794"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}