Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Two record DDoSes disclosed this week underscore their growing menace

From: InfoSec News <alerts () infosecnews org>
Date: Fri, 26 Jun 2020 05:05:56 +0000 (UTC)
https://arstechnica.com/information-technology/2020/06/two-record-ddoses-disclosed-this-week-underscore-their-growing-menace/

By Dan Goodin
Ars Technica
6/25/2020

Distributed denial-of-service attacks—those floods of junk traffic that
criminals use to disrupt or completely take down websites and services—have long
been an Internet scourge, with events that regularly cripple news outlets and
software repositories and in some cases bring huge parts on the Internet to a
standstill for hours. Now there’s evidence that DDoSes, as they’re usually
called, are growing more potent with two record-breaking attacks coming to light
in the past week.

DDoS operators hack thousands, hundreds of thousands, and in some cases millions
of Internet-connected devices and harness their bandwidth and processing power.
The attackers use these ill-gotten resources to bombard sites with torrents of
data packets with the goal of taking the targets down. More advanced attackers
magnify their firepower by bouncing the malicious traffic off of third-party
services that in some cases can amplify it by a factor of 51,000, a feat that,
at least theoretically, allows a single home computer with a 100
megabit-per-second upload capacity to deliver a once-unimaginable 5 terabits per
second of traffic.

These types of DDoSes are known as volumetric attacks. The objective is to use
machines distributed across the Internet to send orders of magnitude more
traffic volume to a circuit than it can handle. A second class—known as
packet-per-second focused attacks—forces machines to bombard network gear or
applications inside the target’s data center with more data packets than they
can process. The objective in both types of attacks is the same. With network or
processing capacity fully consumed, legitimate users can no longer access the
target’s resources, resulting in a denial of service.

[...]


--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
Previous By Date Next
Previous By Thread Next

Current thread: