Eight DDoS Attacks Affecting the Security of IoT Enterprises

Eight DDoS Attacks Affecting the Security of IoT Enterprises. The overall frequency of Distributed Denial of Service (DDoS) attacks increased in 2016, due in part to the IoT botnet. Neustar said Neustar saw a 40% reduction in DDoS attacks in the January-November period compared to the same period last year.

Neustar issued a warning that with the release of botnet code components, dangerous new DDoS deployments will emerge, such as on-going device registration deployments that botnet controllers take advantage of to deploy the device even after the device reboots.

Let's take a look at the eight major DDoS attacks in the United States that have paralyzed the network as a result of IoT devices in various regions and universities in the United States.

A U.S. university was affected by DDoS attacks on the network for 54 hours

Recent data released by Incapsula, a security company, showed that a university in the United States was attacked by a distributed denial of service service in February and the university's network was affected by a series of up to 54 hours.

Incapsula recently disclosed other details of the attack, saying the attacker seemed to be good at attacking the vulnerable device at the application layer.

Incapsula spokesman said in a blog post that "our client's classification system immediately found attacks from Mirai-powered botnets based on a number of characteristic factors, including packet header order, header value, and traffic source." Our research shows that, The attack devices used by the botnet include commonly used devices from Mirai, including CCTV cameras, DVRs and routers.

DDoS attacks make Netflix, Twitter offline

A DDoS attack in October was launched through IoT devices, which resulted in a series of sites getting offline. This attack deepens the industry's concerns about the security risks of the Internet of Things.

The denial-of-service attack was launched through IoT consumer devices, including webcams, routers and video recorders, which overloaded the Dynamic Web Services (Dyn) server, causing more than 1,200 Web sites to go offline.

Dny's function is to connect users to websites such as Twitter and Netflix. The Dyn's attack came from tens of millions of device addresses infected with malware code, causing normal users to lose access to Dyn's Web site due to the large amounts of data sent by these devices to Dyn.

DDoS attacks via vending machines hit a university

A preview of the 2017 Data Loss Summary released by Verizon in February shows that a university is hit hard by DDoS via vending machines, lights, and 5,000 other IoT devices.

According to Verizon, emergency respondents at the university observed that "a large number of alerting messages were made to the name server responsible for Domain Name Service (DNS) queries, as well as the abnormal number of subdomains associated with seafood."

When the hypervisor was locked, the university intercepted the plaintext password for the compromised IoT device in the network and used the information to change the password, preventing the next malware update. "

Hillary Clinton and Donald Trump's Campaign Websites Suffer From Attempted DDoS Attacks

According to security firm Flashpoint, some hackers conducted four Mirai botnet DDoS attacks on Hillary Clinton and Donald Trump's campaign website in November.

According to Flashpoint, their company recorded a Seventh HTTP (Application Layer) attack on Trump for 30 seconds, and the next day saw both Trump and Clinton's campaign websites attacked. The two sites did not go down during the DDoS attacks, and the site did not report off the assembly line.

A Flashpoint spokesman said on the company's website, "Flashpoint's assessment is that the Mirai botnet was split into smaller, competing botnets after the source code for the Mirai botnet was released, resulting in the number of people who were determined to exploit botnet devices Further increase, and our confidence in making such an assessment is moderate. "

DDoS attacks cause the BBC domain name to be unavailable

The BBC website was hit by DDoS on New Year's Eve 2016

Attack, the entire BBC area network can not be used normally for more than three hours, including on-demand custom TV and radio player.

The BBC said at the outset that there was a technical failure before it said that the network outage was caused by a DDoS attack.

Bank of Russia suffered several waves of DDoS attacks

At least five Russian banks continued their DDoS attacks in the two days of November, with victims including Sberbank and Alfabank.

According to the Security Services, the attack came from a gigantic botnet involving 24,000 computers and IoT devices in 30 countries. The bank's online customer service was not interrupted.

Kaspersky Lab, a security company, said the incident was the first time a Russian bank was hit by a large-scale DDoS attack in 2016.

LizardStresser staged a DDoS attack on the Olympics Olympics

Arbor Networks Security Engineering and Response Team revealed in a statement that several Olympics-related agencies were hit by "massive" DDoS attacks in September 2015.

Arbor Networks said in a statement that "most of the attack traffic contains UDP reflection and amplification attack vectors such as DNS, chargen, ntp, and SSDP, as well as direct UDP packet spam, SYN spam, and attacks on websites and DNS services Application layer attacks. "

According to Arbor Networks, a DDoS rental service called LizardStresser was the driver of the pre-Olympic DDoS attacks. Arbor Networks introduced several mitigation measures to help Olympic managers after the attack, and the operation of the system was guaranteed.

Brian Krebs website was attacked by DDoS

Security blogger Brian Krebs's Information Blog was attacked by DDoS in September 2016. Allegedly the peak traffic of the attack reached 620Gbps.

Krebs said it has confirmed the attacks were coming from the Mirai botnet. On his blog, he said: "The Mirai botnet launched the largest ever DDoS attack against KrebsOnSecurity. The source for the IoT botnet was released publicly last month and is almost certain, The Internet is going to be heavily attacked by many botnets, and some insecure routers, IP cameras, digital video recorders and other devices that easily get black will become accomplices to the botnet.

Krebs said in a blog post, "I guess, even now that's not the case." Many Internet users will soon complain to Internet service providers that the Internet is too slow due to the black IoT devices in their network taking up all Bandwidth, but it's also a good side, and it may help slow down the number of compromised systems. "