DDoS strikes explode as hackers exploit the global health crisis
It’s not surprising malicious actors have readily exploited the COVID-19 pandemic to their advantage. 2020 has thus far seen an uptick in numerous cybersecurity attacks of varying types, from phishing emails, brute force intrusions, ransomware attacks, and so on. But one that’s easily forgotten about is the DDoS attack. We’ve talked it before at Bytagig, but a DDoS stands for “direct denial of service.”
The general idea is to overload a network/system with data traffic and render it unusable. Because so many networks and companies now turn to remote working solutions to deal with the COVID pandemic, they’re prime targets for DDoS attack types. While resources to block and defend against these malicious actions have performed well, the numbers are alarming.
Focused targets
Various networks and companies were prime targets for attackers. Among them were major telecommunication businesses like T-Mobile, Verizon, ATT, and Sprint. Assumptions believe T-Mobile made configuration errors in its network, creating vulnerabilities. Others speculated a cybersecurity attack orchestrated by Chinese entities, though network errors took the ultimate blame.
The largest reported DDoS attack
2020 has been a tough year all around. Adding to this is the largest recorded DDoS attack, according to Amazon.
During June 2020, Amazon Web Services reported they mitigated a 2.2 terabit sized DDoS strike which would’ve rendered thousands of their hosted clients useless for an unknown time period time.
AWS also reported the attack size was 44 percent larger than any data volume previously recorded on their network. They, however, weren’t the only victims.
In different parts of the world, other major network hosts suffered from DDoS attacks. Akamai, for example, discovered and thwarted an attack attempt against a European bank. Specifically, the strike attempted to overlord the network with over 800 million packets per second. This was not the traditional form of DDoS attack which usually strikes with BPS (bits per second) attacks, targeting and overwhelming networks. PPS instead seeks to exacerbate and drain network resources.
Akamai also thwarted a 1.44Tbps attack in the first week of June 2020.
Reporting from Digital Shadows, Kacey Clark concluded the surge of these attacks were indeed due to an increased reliance on remote working options.
It’s a natural result, of course. Internet activity greatly increases for professional resources, and therefore, companies are increasingly reliant on the stability of those internet resources.
The impact
The “good” news is that, despite these DDoS attacks, ISPs have the resources to absorb and mitigate them. Network infrastructure from ISPs and telecommunication companies have sizeable resources to handle the brunt of the impact. However, it raises a red flag that these attacks will continue to rise and that everyone – from providers to businesses – need to be prepared.
Experts from Digital Shadow and those who studied the attacks have advice on how to do so:
- Experts recommend building a proactive defense versus reactive
- Implement strong traffic analysis tools to identify abnormal activity
- Use monitoring tools and resources
- Enable proper remote source protection like encryption and limited access to company networks
You can also enlist the aid of third-party IT resources for active monitoring and defense tools. For more information, consider contacting Bytagig today.
