/>
X

DDoS attacks: 150Gb per second and rising

Distributed denial of service (DDoS) attacks, favoured tactic of hacktivists and extortionists alike, are getting bigger, more numerous, and even smarter.
stilgherrian-dinkus-22.jpg
Written by Stilgherrian , Correspondent on

Podcast

On this week's Patch Monday podcast (on Tuesday, thanks to yesterday's public holiday across most of Australia) you'll hear an overview of the current trends in DDoS.

"Certainly, attacks are on the increase, and the size of attacks are also increasing," said Alex Caro, Akamai Technologies' chief technology officer and vice-president of services for Asia Pacific and Japan.

Akamai saw DDoS attacks against their customers double in number between 2010 and 2011, and the company expects this trend to continue for 2012.

"The biggest attack that we've seen is around 150 gigabits per second, and we expect much larger attacks in the future," Caro said.

But even that level of malicious traffic is easily absorbed, he said.

"Today, we're probably serving eight, maybe ten terabits per second of traffic at peak, so a 150 gigabit per second denial of service attack is actually fairly small when all is said and done."

Other attacks seen by Akamai have continued for months.

According to information security vendor Imperva's Hacker Intelligence Initiative, Monthly Trend Report #12 (PDF), DDoS attacks are cheap and easy to conduct, because there's no need to penetrate the network — and so there's no need to identify vulnerabilities to disrupt a web application. Nevertheless, attackers are getting smarter.

"Attackers realise that, instead of firing a really ridiculous amount of traffic to take down a website, they could use some more clever traffic in order to shut it down [with] much less effort," said Tal Be'ery, web security research team leader at Imperva.

"In previous years, they've focused on really flooding the network ... with UDP packets and so forth. In order to do that, you need a lot of firepower. And now, they're going up the application stack and going to the HTTP, and even to the application layer."

Caro and Be'ery also outline the broad strategies for defending against DDoS.

To leave an audio comment on the program, Skype to stilgherrian, or phone Sydney +61 2 8011 3733.

Running time 23 minutes, 42 seconds.

Related

How to stop spam messages on your iPhone with this almost-secret hidden switch
messages.jpg

How to stop spam messages on your iPhone with this almost-secret hidden switch

Security
The 5 best tiny houses of 2022: Modern tiny homes
Placeholder product image alt text

The 5 best tiny houses of 2022: Modern tiny homes

Home & Office
This hidden iPhone feature makes you sound better on calls
Control Center icon in macOS

This hidden iPhone feature makes you sound better on calls

iPhone