Distributed Denial of Service

During the global Coronavirus pandemic governments and agencies around the world have warned that cybercrime is increasing and late last month the FBI warned that four new vectors of Distributed Denial of Service (DDoS) attacks have been identified. They have resulted in several large attacks across the world.

The four new vectors are:

Constrained Application Protocol (CoAP)

Web Services Dynamic Discovery (WS-DD)

Apple Remote Management Service (ARMS)

Jenkins open source automation server

The FBI has said that these new attacks present a significant threat as they attack essential network protocols.

What is a DDoS

 A DDoS attack is one of the most powerful weapons on the internet. It targets websites and online services and the cybercriminal’s aim is to render the website or service inoperable. If you hear about a website “going down” then it may well have been a DDoS attack.

How does a DDoS attack happen?

The theory behind DDoS is simple although individual attacks will vary in the level of complexity. The basic principle is to gain control of a network of computers and use them to direct a surge of traffic to the server. If this surge of data overwhelms the server or network then the website or service will be rendered inoperable. Because the traffic surge comes from real devices it’s difficult to filter fake traffic from legitimate.

An important point to note is that the network of ‘computers’ mentioned above also includes Internet of Things devices such as smart devices that are becoming more and more common around the home.

Motivations

The motivations of attackers are varied. They could be political or an attempt to gain competitive advantage. Sometimes it’s just because they can but it could also be designed to cause a distraction while carrying out a data breach somewhere else.

A Growing Threat

The discovery of these new vulnerabilities serves as a reminder for us to remain vigilant. During the Coronavirus pandemic cybercrime has surged demonstrating that attackers will exploit any vulnerability.

Reports show that DDoS attacks have increased by 500% since the start of the Coronavirus crisis.

Protection

Protecting yourself from a DDoS is difficult and for most small and medium sized businesses we rely on our service providers. If necessary ask them what provisions they have in place to mitigate attacks. Some providers are developing Artificial Intelligence to identify and block malicious traffic.

As individuals, we also have a responsibility to ensure that our computers and Internet of Things devices are not left vulnerable. Internet of Things devices such as IP cameras and smart devices have been vulnerable to weak passwords, with many devices operating with easily discoverable default passwords.