Online attacks continue to climb driven by rise in DDoS

Distributed Denial of Service (DDoS) and routing attacks on online infrastructure increased last year according to a European agency for network security.

Online attacks increased in 2014 with an especially notable rise in attempts to knock organisations offline using Distributed Denial of Service (DDoS).

In a year that saw the massive hack on Sony Pictures there was an increase in nearly every type of assault on the backbone of the internet, according to the European Agency for Network and Information Security (ENISA).

The number of Distributed Denial of Service (DDoS) and routing attacks on online infrastructure increased from 2013, as did instances of physical attacks, accidental damage, eavesdropping and equipment failure. The only type of attacks that decreased were those on the DNS system that translates easy-to-read domain names into the series of numbers that make up a computer's IP address.

DDoS attacks, attempts to make a computer or network unavailable to connect to, are "especially" increasing according to the report.

"Basically, every single system can be targeted by DoS ranging from a simple home computer to a major web server farm," it states.

At the end of last year most of Sweden's fixed-line broadband became unavailable following a DDoS of "unprecedented scale".

Image: Enisa

Various types of DDoS have risen to prominence via high profile attacks.

DDoS amplification/reflection, where the attacker spoofs the victim's IP address and sends a request for information to servers, which then send the response to the victim. If enough data is sent to the victim it can knock them offline. This tactic was used in what has been described as "the biggest cyberattack in history" to take down anti-spam company Spamhaus

Another common approach is DoS flooding, a simple attack where the victim is overwhelmed with packets of data. The attack generally relies on the attacker having more bandwidth than the victim. This is the method used by the Low Orbit Ion Cannon DDoS toolkit used to attack Visa and Mastercard.

Other attacks include DoS protocol exploitation (TCP-SYN), where an attacker sends a succession of requests to the target's systems in an attempt to consume enough server resources to make them unresponsive, and DoS malformed packet, which crashes systems by providing malformed header information or payload.

The report highlights the difficulty in protecting against denial of service attacks stating: "No good practice exists today to ensure protection against Denial of Service/Flooding by defining a system configuration for a given internet infrastructure asset."

It recommends system administrators share information about how different system configurations have held up against DoS attacks.

You can find the full report and the rest of its findings and recommendations here.