Trojan horse DDoS attacks on the rise

hacking_ss_img-1024x768.jpg

The greatest DDoS risk for organisations is the barrage of short, low volume attacks which mask more serious network intrusions,  Corero Network Security has warned.

According to new Corero research, which highlights DDoS attack attempts against its customers, short, frequent, low-volume DDoS attacks continue to dominate.

Despite several headline-dominating, high-volume DDoS attacks over the past year, the vast majority (98%) of the DDoS attack attempts against Corero customers during Q1 2017 were less than 10 Gbps per second in volume. In addition, almost three quarters (71%) of the attacks mitigated by Corero lasted 10 minutes or less.

Due to their small size, these sub-saturating attacks tend to go undetected by IT security staff and many DDoS protection systems. However, they are just disruptive enough to knock a firewall or intrusion prevention system (IPS) offline so that the hackers can target, map and infiltrate a network to install malware and engage data exfiltration activity.

“Short DDoS attacks might seem harmless, in that they don’t cause extended periods of downtime. But IT teams who choose to ignore them are effectively leaving their doors wide open for malware or ransomware attacks, data theft or other more serious intrusions,”Corero Network Security CEO Ashley Stephenson explained.

“Just like the mythological Trojan Horse, these attacks deceive security teams by masquerading as a harmless bystander – in this case, a flicker of internet outage – while hiding their more sinister motives.”

In total, Corero customers experienced an average of 124 DDoS attack attempts per month, equivalent to 4.1 attacks per day during Q1 of 2017. This is a 9% increase in attacks over Q4 2016.

“Rather than showing their capabilities in full view, through large, volumetric DDoS attacks that cripple a website, using short attacks allows bad actors to test for vulnerabilities within a network and monitor the success of new methods without being detected. Most cloud-based scrubbing solutions will not detect DDoS attacks of less than 10 minutes in duration, so the damage is done before the attack can even be reported,” Stephenson said.

“As a result, the raft of sub-saturating attacks observed at the beginning of this year could represent a testing phase, as hackers experiment with new techniques before deploying them at an industrial scale.”

While low volume attacks remain the norm, Corero recorded a significant (55%) increase in large DDoS attacks of more than 10 Gbps per second, in Q1 of 2017, compared to the previous quarter. In addition, while the majority of attacks recorded lasted less than 10 minutes, the data also revealed a slight increase in attacks lasting 20 minutes or longer, with these attacks now accounting for nearly a quarter (22%) of all the attacks recorded.


About Retail News Asia

Retail News Asia is committed to providing local and global retailers with the latest news from the Asian retail market on a daily basis.

We have resources for everyone from independently owned business owners to online-only retailers and major chains expanding their reach throughout the Asian market. Retail News is “the news source” with over 50 weekly posts and 13,6 million readers.


CONTACT US

CALL US ANYTIME

Most read



Retail updates

Stay up to date of the lates updates and retail news from Asia.








X