Life in CityTech


DDoS Threat Report

Even with the wide range of strategies DDoS attacks employ in their quest for devastation, they’ve earned a narrow reputation amongst casual observers of the state of cybersecurity. Thanks to major IoT botnets like Mirai and recent record-breaking memcached attacks on targets like GitHub, DDoS attacks have come to be seen as the Mike Tyson punch of cyber assaults: thundering bangers so powerful it’s no wonder many opponents can do nothing more than stagger, stumble and drop.

However, as DDoS professionals and security analysts will tell you, the attacks that are most difficult to deal with are the ones that use brains, not brawn. This is unfortunate considering the numbers are in for the fourth quarter of 2017, and the trend towards increasingly smart attacks is ramping up. Instead of knockout punch attempts, your DDoS mitigation is going to be dealing with some pretty brilliant rope-a-dope. Is it prepared for Muhammad Ali?

By the numbers

Those booming DDoS, or distributed denial of service, attacks made famous by internet-shaking assaults that took the likes of Reddit and Netflix offline tend to be aimed at the network layer. There isn’t anything clever about these attacks and there’s no real attempt to disguise them; it’s just a huge amount of malicious traffic barraging a victim. For an unprotected website this is assured downtime, but for any online service with decent DDoS protection these attacks are easy to detect and can therefore be easy to mitigate before they can greatly affect availability, so long as the protection appliance or service is highly scalable.

For protection that qualifies as decent but not much better, it’s a whack of bad news from Imperva, whose DDoS protection division Incapsula recently published its Global DDoS Threat Landscape report for Q4 2017. The number of network layer attacks fell a full 50% from the third quarter, and making up the difference were those brainy and hard-to-stop application layer attacks, which rose 43%.

Application layer madness

Unlike their network-layer counterparts, application layer attacks look and act like legitimate requests from legitimate website users. This allows them to sneak past many protection measures that look for irregular and suspicious traffic patterns. That isn’t the extent of application layer attack craftiness either, as these small but strenuous attacks are precisely designed to put in the smallest amount of effort yet consume the maximum amount of server-side resources. Many professional attackers research their intended targets, finding the website elements that require the most work from the server – such as dynamic content that can’t be cached – and load those elements repeatedly. Application layer attacks are basically the Rumble in the Jungle, and all too often, the target server is George Foreman left lying flat on the canvas.

In that 43% increase in application layer attacks in the fourth quarter of 2017, Incapsula specifically spotted a sizable uptick in assaults that weighed in between 100 and 1000 requests per second (RPS), with over 50% of fourth quarter application layer attacks landing in that category. This points to an increase in DDoS-for-hire users taking aim with application layer assaults. They’re cheaper to launch and sustain compared to network layer attacks, leading even non-professional attackers to take the clever route when it comes to knocking out their targets.

Increasingly brilliant bots

Behind most distributed denial of service attacks are swarms of DDoS bots. For a DDoS attack to be successful on a website with some level of DDoS protection, the bots that make up malicious DDoS traffic need to go undetected by the security measures put in place to stop them. In Q4, 17% of DDoS bots were capable of doing exactly that, bypassing either cookie or JavaScript challenges. This is an increase of ten percent compared to Q3. Even more startlingly, of the 17% of bots with bypass capabilities, 16.1% had the ability to bypass both cookie and JavaScript challenges, an increase of 14.3% from Q3.

Cookie and JavaScript challenges are two of the most common security challenges used to identify DDoS traffic. Having both in place may have once been seen as strong security, but those days are long gone. At least they should be.

Making the grade

While it’s impossible to predict what the DDoS landscape has in store, there’s a good chance the professional attackers making bank on the dark web, the cybercriminals coding DDoS bots, and the malicious entrepreneurs running DDoS-for-hire services are not going to decide that less sophisticated attacks are the wave of the future. Muhammad Ali never decided to start throwing wanton haymakers, after all.

For websites and businesses that can’t afford downtime, reputation damage, loss of user loyalty and the many other major costs and consequences of a successful attack, DDoS protection first of all needs to be a professional cloud-based managed service, and secondly needs to employ the type of granular traffic inspection that can bounce even the smartest attacks to a scrubbing server. This includes a layered approach to bot detection that includes static analysis, behavioral analysis and progressive challenges that, of course, extend beyond cookie and JavaScript challenges. Fighting the latest DDoS attacks has largely become a battle of wits, and it isn’t a battle many businesses can afford to lose.
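As an added illustration of the behavioral analysis mentioned above (not code from the report or from any vendor), the sketch below scores each client by the server time it consumes in a sliding window rather than by raw request count, which is what separates a low-rate client hammering uncacheable content from a browser fetching many cheap static files. The log tuple layout, thresholds and addresses are assumptions, and the sample traffic is constructed.

```python
from collections import defaultdict, deque

def build_sample():
    """Constructed events: (unix_time, client_ip, path, server_ms). Not real traffic."""
    events = []
    # Ordinary visitor: a few mixed requests spread over a minute.
    for i, (path, ms) in enumerate([("/", 5), ("/css/site.css", 5),
                                    ("/search?q=shoes", 180), ("/img/logo.png", 5)]):
        events.append((1000.0 + i * 15, "198.51.100.7", path, ms))
    # Browser page load: 40 cached static assets in 2 s (high rate, low cost).
    for i in range(40):
        events.append((1000.0 + i * 0.05, "198.51.100.20", f"/static/a{i}.js", 5))
    # Bot-like client: only the uncacheable search endpoint, 4 requests/s for 10 s.
    for i in range(40):
        events.append((1000.0 + i * 0.25, "203.0.113.9", f"/search?q=term{i}", 180))
    return sorted(events)

def flag_costly_clients(events, window_s=10.0, max_cost_ms=3000,
                        dynamic_ms=100, min_dynamic_ratio=0.9):
    """Return {ip: peak_window_cost_ms} for clients that exceed the cost budget
    in any sliding window AND send almost exclusively slow (uncacheable) requests."""
    window = defaultdict(deque)      # ip -> (ts, ms) pairs inside the window
    cost = defaultdict(float)        # ip -> server ms currently inside the window
    peak = defaultdict(float)        # ip -> highest windowed cost seen
    total = defaultdict(int)
    dynamic = defaultdict(int)
    for ts, ip, _path, ms in events:
        q = window[ip]
        q.append((ts, ms))
        cost[ip] += ms
        while ts - q[0][0] > window_s:   # evict requests older than the window
            cost[ip] -= q.popleft()[1]
        peak[ip] = max(peak[ip], cost[ip])
        total[ip] += 1
        dynamic[ip] += ms >= dynamic_ms
    return {ip: peak[ip] for ip in peak
            if peak[ip] > max_cost_ms
            and dynamic[ip] / total[ip] >= min_dynamic_ratio}

if __name__ == "__main__":
    for ip, ms in flag_costly_clients(build_sample()).items():
        print(f"{ip}: {ms:.0f} ms of server time in one window")
```

A pure request-count threshold would treat the page load and the bot-like client identically (40 requests each); weighting by server cost flags only the latter.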

When You Don’t Protect Your PC

The internet is everywhere. More than half of the world is connected to the internet through smartphones, tablets, laptops, and personal computers. But as the world joins hands to bridge gaps in digital connectivity, the network that binds digital devices also offers a path for evil to spy on your precious data and steal it. About a quarter of personal computers were deemed unprotected, according to Microsoft’s Security Intelligence Report of 2013. No wonder the years to come would bear witness to some of the worst data breaches in history, from 21 million US citizens’ data being compromised in one of history’s worst cybercrimes against government, the OPM attack against the US’s Federal Office of Personnel Management, to the first-of-its-kind “WannaCry” ransomware attack in 2017 that shook the global economy to the tune of 5 billion dollars.

These and a plethora of other such cyber security incidents have made it clear that the internet certainly cannot be mistaken for an open sea in which you can dive as deep as you want without any sort of protection. Yet many people on the internet don’t have any sort of protection on their personal computers. One of the major reasons for this outlook is the popular opinion, “This cannot happen to me”. Well, this is certainly not the case.

Mr. A is a final-year university student. He has been carrying out research for the past year and his submissions are due next week. One day, while editing his documents, he gets a weird pop-up on his screen informing him that he can no longer access his data and will have to pay $500 to get his documents back.

Mrs. B is slightly more careful on the internet. She prefers visiting the store for all her shopping because she doesn’t want e-commerce websites to store her personal information. But one fine day, she learns that her credit card limit has been reached. She didn’t pay much attention to her net banking URL when she clicked on the “Yes” button that prompted her for her credit card PIN. Moreover, she was unaware that banks never email you asking for your credit card information.

Mr. C rarely uses the internet. Yet he was one of the people whose sensitive data was compromised in the OPM cyber-attack.

Mr. A, Mrs. B, and Mr. C are not huge conglomerates. They are ordinary people who have felt the tremors of cyber attacks directly. To think that anyone is safe without protection on the internet is a mistake that many others like them make every single day. This is the very reason why no one can ignore the importance of computer security.

By following certain basic steps, one can ensure their safety on the internet. Use only safe URLs (with HTTPS in them) to access sensitive websites. Beware of where you click and what you agree to on the web page. Know your bank’s internet banking security policies. Always keep your PC up to date with the latest versions of software and the latest patches installed. Ensure that the firewall on your PC is enabled. Finally, use a proper antivirus from a well-known computer security solution organization (Avira, Avast, Bitdefender Products, Norton are some popular and reliable names).

Technology itself does not have any moral character to guide it. It is free for anyone with the money and the knowledge to use it. And not everyone who pretends to give out “free” information or rewards on the internet is your well-wisher. It is essential that everyone with a connection to the internet does their bit towards internet security by ensuring that their system is secure. Such individual moves can help the world’s governments and technological organizations to build a digitized yet secure future for us.

© 2019 Life in CityTech
