Corero reveals that number of DDoS attacks have doubled in six months as hackers leverage unsecured IoT devices


Organizations experienced an average of 237 DDoS attack attempts per month during Q3 2017 – equivalent to 8 DDoS attack attempts every day – as hackers strive to take their organisations offline or steal sensitive data, according to the latest DDoS Trends and Analysis report from Corero Network Security.

Corero attributes this increase in frequency to the growing availability of DDoS-for-hire services, and the proliferation of unsecured Internet of Things (IoT) devices. For example, the ‘Reaper’ botnet is known to have already infected thousands of devices, and is believed to be particularly dangerous due to its ability to utilize known security flaws in the code of those insecure machines. Like a computer worm, it hacks into IoT devices and then hunts for new devices to infect in order to spread itself further.

The data, which is based on DDoS attack attempts against Corero customers, represents a 35 percent increase in monthly attack attempts compared to the previous quarter, and a 91 percent increase in monthly attack attempts compared to the first quarter of this year. In addition to the frequency of attacks, the Corero data reveals that hackers are using sophisticated, quick-fire, multi-vector attacks against an organization’s security.

A fifth of the DDoS attack attempts recorded during the second quarter used multiple attack vectors. These attacks utilize several techniques in the hope that one, or the combination of a few, can penetrate the target network’s security defences.

“The growing availability of DDoS-for-hire services is causing an explosion of attacks, and puts anyone and everyone into the crosshairs. These services have lowered the barriers to entry in terms of both technical competence and price, allowing anyone to systematically attack and attempt to take down a company for less than $100,” said Ashley Stephenson, CEO at Corero. “Alongside this trend is an attacker arms race to infect vulnerable devices, effectively thwarting other attackers from commandeering the device. Cyber criminals try to harness more and more Internet-connected devices to build ever larger botnets. The potential scale and power of IoT botnets has the ability to create Internet chaos and dire results for target victims.”

Corero also observed a return of Ransom Denial of Service, or RDoS, in the third quarter. A widespread wave of ransom DDoS threats from hacker group, Phantom Squad, started in September, targeting companies throughout the US, Europe and Asia. The extortion campaign spanned a variety of industries – from banking and financial institutions, to hosting providers, online gaming services and SaaS organisations – and threatened to launch attacks on 30 September unless a Bitcoin payment was made.

“Despite the industry fascination with large scale, Internet-crippling DDoS attacks, the reality is that they don’t represent the biggest threat posed by DDoS attacks today,” Stephenson continues. “Cyber criminals have evolved their techniques from simple volumetric attacks to sophisticated multi-vector DDoS attacks. Often lasting just a few minutes, these quick-fire attacks evade security teams and can sometimes be accompanied by malware and other data exfiltration threats. We believe they are often used in conjunction with other cyber-attacks, and organisations that miss them do so at their peril.

“The only way to keep up with these increasingly sophisticated, frequent and low volume attacks is to maintain comprehensive visibility and automated mitigation capabilities across a network, so that even everyday DDoS attacks can be instantly detected and blocked as they occur and before they cause damage,” he added.

Leave a Reply

IoT Innovator

IoT Innovator