- Lyft received a whopping 7 sexual assault lawsuits in a day Wednesday 10:00 PM
- High school reopens investigation into Nazi salute video after other racist videos emerge Wednesday 7:14 PM
- Facebook content moderators continue to suffer from brutal working conditions Wednesday 5:58 PM
- #RIPReese: Man bullied for relationship with trans woman dies by suicide Wednesday 4:46 PM
- Redaction error reveals ICE is paying Palantir $49 million Wednesday 4:25 PM
- People are using social media to raise awareness about the Amazon fires Wednesday 4:24 PM
- How to watch ‘Detective Pikachu’ right now Wednesday 3:56 PM
- Walmart is suing Tesla over fires at stores with solar panels Wednesday 3:44 PM
- Jeremy Renner asks nicely for Sony to let Spider-Man back in the MCU Wednesday 2:51 PM
- The best and safest torrenting sites you should be using in 2019 Wednesday 2:47 PM
- ‘Beyoncé’s Assistant for a Day’ creator is releasing more games on storytelling app Yarn Wednesday 1:54 PM
- Why does everyone keep falling for that Instagram and Facebook hoax? Wednesday 1:46 PM
- A bunch of celebrities fell for that viral Instagram hoax Wednesday 1:17 PM
- Former Die Antwoord crew member says video shows ‘homophobic attack’ Wednesday 1:13 PM
- How to stream all the MLS Rivalry Week matches Wednesday 1:13 PM
DDoS attacks against governments more powerful and popular than ever
The average size of attacks grew in size by 245 percent.
When the protesters hit the streets, expect DDoS attacks to hit the Web.
Distributed denial-of-service (DDoS) attacks are being used against government targets more than ever before, according to new research from Internet infrastructure firm Verisign. The attacks are increasingly powerful, cheap, and easy to deploy.
DDoS attacks work by flooding a target—a bank, for instance, or a popular website—with data in order to make it crash or unusable for users. It’s not only an easy-to-use, cheap, and effective weapon for hackers, it’s also a goldmine for security firms paid to defend against the attacks.
DDoS attacks against public-sector targets grew to account for 15 percent of all attacks recorded by the company at the end of 2014. The average size of attacks grew in size by 245 percent, Verisign found.
DDoS-for-hire services can cost as little as $2 per hour, delivering an easy-to-use but potentially powerful punch to any Internet-connected devices on earth.
The DDoS defense market—where Verisign is a major player—is projected to hit $1.6 billion within two years.
“The larger industry problem is asymmetric cost,” Ramakant Pandrangi, the vice president of technology at Verisign, told the Daily Dot. “The cost to protect and the cost to attack are very different. You can hire an attacker for as little as $2 per hour, renting their services using very simple user interfaces.”
A score of headline making political events in 2014 highlighted how DDoS attacks are used as effective political activism now more than ever.
The Syrian civil war has seen DDoS used as a weapon by both the Syrian Electronic Army (SEA) and its opponents in proxy cyberwars. The on-the-ground protests in Ferguson, Mo. were accompanied by #OpFerguson in which Anonymous hacktivists used DDoS attacks to disable the city government’s Internet services. Outcry against the 2014 World Cup in Brazil sparked DDoS attacks as well.
DDoS attacks have been used as political activism for two decades, at least since the Strano Network, an Italian group, launched just such an attack against the French government over nuclear politics in 1995. For nearly as long, some activists have pushed the idea that denial-of-service attacks should be treated legally like sit-ins instead of criminal activities that carry significant penalties, including extended prison time.
The average attack size at the end of 2014 increased to 7.39 gigabits per second in 2014, Verisign found, 245 percent higher than those carried out during the same period in 2013 and 14 percent higher than the top averages of 2013. That’s a whopping 6,800 percent increase from average DDoS speeds in 2011, according to security firm Kaspersky Labs.
“We saw a rise in 2014 in terms of hacktivism,” Pandrangi said. “That’s a trend we expect to continue to rise.”
The industry most targeted by DDoS attacks were cloud and information technology services, accounting for a full third of all defense from Verisign and boasting the most powerful attack of the quarter: A 60-gigabit-per-second assault.
Cloud and information technology services are highly valuable targets because they’re used by multiple customers across the private and public sector.
Verisign’s report indicates that attacks against all industries are increasing in size, Pandrangi asserted, a fact that may necessitate the growth of the security industry’s DDoS defense services for years to come.
Photo via edans/Flickr (CC BY 2.0)
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.