IT Security Insiders: Expect an Escalation in DDoS Attacks for Duration of 2017


The long and short of it is that Internet security will always be a forefront topic in this industry. That’s a reflection of both the never-ending importance of keeping data secure given the predominance of e-commerce in the world today and the fact that cyber hackers will never slow in their efforts to get ‘in’ and do harm in the interest of making ill-gotten financial gains for themselves.

So with the understanding that the issue of security / attacks / preventative measures is never going to be moving to the back burner, let’s move forward to discuss what the consensus among web security experts is – namely, that DDoS Attacks are likely to occur at an even higher rate than previously for the remainder of 2017.

Here at 4GoodHosting, in addition to being one of the best web hosting providers in Canada, we’re very active in keeping on top of trends in the Web-based business and design worlds, as they tend to have great relevance to our customers. As such, we think this particular piece of news is worthy of some discussion.

Let’s have at it – why can we expect to see more DDoS attacks this year?

Data ‘Nappers and Ransom Demands

As stated, IT security professionals predict that DDoS attacks will be more numerous and more pronounced in the year ahead, and many have started preparing for attacks that could cause outages worldwide in worst-case scenarios.

One such scenario could be – brace yourselves – a worldwide Internet outage. Before you become overly concerned, however, it would seem that the vast majority of security teams are already taking steps to stay ahead of these threats, with ‘business continuity’ measures increasingly in place to allow continued operation should any worst-case scenario come to fruition.

Further, these same insiders say that the next DDoS attack will be financially motivated. While there are continued discussions about attackers taking aim at nation states, security professionals conversely believe that criminal extortionists are the most likely group to successfully undertake a large-scale DDoS attack against one or more specific organizations.

As an example of this, look no further than the recent developments regarding Apple and their being threatened with widespread wiping of devices by an organization calling itself the ‘Turkish Crime Family’ if the computing mega-company doesn’t cough up $75,000 in cryptocurrency or $100,000 worth of iTunes gift cards.

A recent survey of select e-commerce businesses found that 46% of them expect to be targeted by a DDoS attack over the next 12 months. Should that attack come with a ransom demand like the one above, it may be particularly troublesome for any management group (given the fact that nearly ALL of them will not have the deep pockets that Apple has).

Further, the same study found that a concerning number of security professionals believe their leadership teams would struggle to come up with any other solution than to give in to any ransom demands. As such, having effective protection against ransomware and other dark software threats is as important as it’s ever been.

Undercover Attacks

We need to mention as well that these same security professionals are also worried about the smaller, low-volume DDoS attacks that last 30 minutes or less. These have come to be classified as ‘Trojan Horse’ DDoS attacks, and the problem is that they typically will not be mitigated by most legacy DDoS mitigation solutions. One common ploy used by hackers is to employ a Trojan horse as a distraction mechanism that diverts the guards and opens up the gates for a separate, larger DDoS attack.

Citing the same survey yet again, fewer than 30% of IT security teams have enough visibility worked into their networks to mitigate attacks that do not exceed 30 minutes in length. Further, there is the possibility of hidden effects of these attacks on their networks, like undetected data theft.

Undetected data theft is almost certainly more of a problem than many are aware – and particularly with the fast-approaching GDPR deadline which will make it so that organizations could be fined up to 4% of global turnover in the event of a major data breach deemed to be ‘sensitive’ by any number of set criteria.

Turning Tide against ISPs

Many expect regulatory pressure to be applied against ISPs that are perceived to be insufficient in protecting their customers against DDoS threats. Of course, there is the question as to whether an ISP is to blame for not mitigating a DDoS attack when it occurs, but again it seems the consensus is that it is, more often than not. This seems to suggest that the majority would find their own security teams to be responsible.

The trend seems to be to blame upstream providers for not being more proactive when it comes to DDoS defense. Many believe the best approach to countering these increasing attacks is to have ISPs that are equipped to defend against DDoS attacks, by both protecting their own networks and offering more comprehensive solutions to their customers via paid-for, managed services that are proven to be effective.

We are definitely sympathetic to anyone who has concerns regarding the possibility of these attacks and how they could lead to serious losses should they be able to wreak havoc and essentially remove the site from the web for extended periods of time. With the news alluded to earlier that there could even be a worldwide Internet outage before long via the new depth and complexity of DDoS attacks, however, it would seem that anyone with an interest in being online for whatever purpose should be concerned as well.

Defining DNS…. And What’s Exactly In It For Hackers?


DNS isn’t exactly a buzzword in discussions among web hosting providers or those in the web hosting industry, but it’s darn close to it. DNS is an acronym for Domain Name Servers and what DNS does is see to it that after entering a website URL into your browser you then end up in the right spot – among the millions upon millions of them – on the World Wide Web.


When you enter this URL, your browser starts trying to figure out where that website is by pinging a series of servers. These could be resolving name servers, authoritative name servers, or domain registrars, among others. But those servers themselves – often located all around the world – are only fulfilling an individual part in the overall process.

The process itself is a verification of identities by means of converting URLs into identifiable IP addresses, which the networks use to communicate with each other and by which your browser confirms that it’s taking you down the right path. In a world with literally billions of paths, that’s a more impressive feat than you might think, especially when you consider it’s done in mere seconds and with impressive consistency.

It’s quite common to hear of DNS in conjunction with DDoS, which is another strange acronym that is paired with the term ‘attack’ to create a phenomena noun. What DDoS is and how it’s related so explicitly to DNS much of the time is as follows:

A DDoS attack is a common hack in which multiple compromised computers are used to attack a single system by overloading it with server requests. In a DDoS attack, hackers will often use infected computers to create a flood of traffic originating from many different sources, potentially thousands or even hundreds of thousands. By using all of the infected computers, a hacker can effectively circumvent any blocks that might be put on a single IP address. It also makes it harder to identify a legitimate request compared to one coming from an attacker.

The DNS is compromised in such a way that browsers essentially can’t figure out where to go to find the information to load on the screen. This type of attack typically involves hackers creating a little army of private computers infected with malicious software, known as a botnet. The people whose computers are participating in the attack often don’t realize their computer has been compromised and is now a part of the growing problem.
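To make the point about single-IP blocks concrete, here is an added example (not part of the original post) that runs a per-source rate rule and an aggregate rate check over the same constructed request log. The thresholds, window size and addresses are assumptions chosen for illustration.

```python
from collections import Counter, defaultdict

# Assumed thresholds for illustration; real values depend on the service.
PER_SOURCE_LIMIT = 20   # requests one source IP may send per window
AGGREGATE_LIMIT = 200   # total requests the service expects per window
WINDOW_SECONDS = 10

def build_sample_log():
    """Constructed sample data: (epoch_second, source_ip) request records."""
    events = []
    # Window 0: ordinary traffic, 30 clients sending 3 requests each.
    for client in range(30):
        for req in range(3):
            events.append((req * 3, f"198.51.100.{client}"))
    # Window 1: distributed flood, 500 sources sending only 5 requests each.
    for bot in range(500):
        for req in range(5):
            events.append((10 + req * 2, f"10.{bot // 250}.{bot % 250}.7"))
    return events

def analyse(events):
    """Summarise each window: what a per-IP rule sees vs. the aggregate view."""
    per_window = defaultdict(Counter)
    for ts, src in events:
        per_window[ts // WINDOW_SECONDS][src] += 1
    report = []
    for window, counts in sorted(per_window.items()):
        total = sum(counts.values())
        report.append({
            "window": window,
            "total": total,
            "sources": len(counts),
            # Sources a single-IP block rule would catch in this window.
            "blocked_by_ip_rule": sorted(
                ip for ip, n in counts.items() if n > PER_SOURCE_LIMIT),
            # Aggregate check: total load on the service, whoever sent it.
            "aggregate_alert": total > AGGREGATE_LIMIT,
        })
    return report

if __name__ == "__main__":
    for row in analyse(build_sample_log()):
        print(row["window"], row["total"], row["sources"],
              len(row["blocked_by_ip_rule"]), row["aggregate_alert"])
```

In the flood window no single source exceeds the per-IP limit, so the block rule catches nothing, while the aggregate count and the jump in distinct sources both stand out.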

Why Go To So Much Trouble?

With all of this now understood, it begs the question – What’s in it for hackers to do this?


It’s believed that the initial appeal of hacking is in proving that you can penetrate something / somewhere that’s purported to be impenetrable, and where someone with a skill set similar to yours has gone to significant effort to make it that way. It’s very much a geeks’ chest thumping competition – my virtual handiwork is better than yours!

As hackers become established and the ‘novelty’ of hacking wears off however, these individuals often find new inspiration for their malicious craft. The more time they spend doing it, the sooner they realize that a certain level of skills can introduce them to opportunities for making money with hacking. Among other scenarios, this can be either by stealing credit card details and using them to buy virtual goods, or by getting paid to create malware that others will pay for. And that happens much more often than you might think.

Their creations may silently take over a computer, or subvert a web browser so it goes to a particular site for which they get paid, or lace a website with commercial spam. As the opportunities in the digital world increase, hacking opportunities increase right along with them and that’s the way it will continue to be.

Here at 4GoodHosting, we are constantly reevaluating the security measures we have in place to defend our clients’ websites from DDoS attacks, as well as keeping on top of industry trends and products that help us keep hackers and their nefarious handiwork away from you and your website. It’s a priority for sure.