Thursday, January 6, 2011

Recent Cyber Monday DDoS Attacks "revealed a sophisticated and motivated attacker”

  
"Hundreds of times each day, attackers use a technique called distributed denial of service, or DDoS, that involves coordinating home PCs to flood targeted websites with nuisance requests — to the point where no one else can access the site .. Most DDoS attacks get blocked or filtered. But the volume and sophistication of such attacks accelerated in 2010, a trend that looks to intensify in 2011 .. "

Story by Byron Acohido (picture), USA TODAY - "Protesters, botnet gangs accelerate DDoS attacks against corporations" - here.

"DDoS attacks that stem from cybergangs controlling networks of infected home PCs, called botnets, are becoming more elaborate. "As it stands today, any Web service can be taken down at any time," says Gunter Ollmann, head of research at network security firm Damballa.

Some DPI/traffic management vendors offer DDoS prevention functions, as an add-on to traffic management (see examples from Allot, Procera and Sandvine), by detecting traffic anomalies and blocking the relevant packets, thus protecting networks and business or residential subscribers from being attacked. These solutions also identify infected subscribers, and can potentially isolate (quarantine) these subscribers in order to go through a "cleaning" process. See chart below from Allot's datasheet.

See also - "Yankee Group Prediction: A Denial-of-Service Attack Will Take a 4G Network Down" - here - as these security threats are no longer unique to fixed broadband services, but for mobile networks as well.


No comments:

Post a Comment