26 August 2021
The Threat of DDoS Attacks is Increasing
More than 20 years have passed since the first DDoS attack, but little has changed during this time. Universal digitalization continues, but humanity has not yet been able to develop a common defense algorithm. Botnets are becoming even more sophisticated and continue to cause significant damage. Meanwhile, the market is regularly replenished with all sorts of devices with Internet access. Today, every rudimentary gadget has its own IP address but does not have sufficient protection. It is precisely these numerous IoT devices that can become easy prey for insidious botnet creators. Many people consider DDoS attacks to be a rare phenomenon, but this is a big misconception. Several million intrusions are recorded every year, and their power is only growing.
Echo of the Mirai Worm
Mirai is capable of hacking Internet of Things devices by exploiting weaknesses in the uniform account access they share. The botnet, designed to conduct DDoS attacks, chose as its targets surveillance cameras, heat regulators, toasters, and other appliances. Thanks to identical logins and passwords drawn from a simple set of combinations, it caused $100 million in damage. In 2016, several attacks were carried out using the Mirai worm. It is worth noting that the hackers did not attack government agencies. They targeted individuals and large internet providers.
The well-known cybercrime fighter Brian Krebs was chosen as a test target. In retaliation for scandalous publications, the journalist's website was hacked. Its server received traffic of 623 Gbit/s, which was a record five years ago. Then the European web-hosting provider OVH was attacked, more precisely the Minecraft servers. It was suggested that 1.1 Tbps of traffic was generated by 145 thousand IoT devices. The next victim of the worm was the DNS operator Dyn, which served well-known companies: HBO, Twitter, Reddit, PayPal, and Netflix. For some time, they were completely disconnected from the global network. A long time has passed, but Mirai is still dangerous, and its improved version is waiting in the wings.
Zeus Banking Trojan Justifies Its Name
Zeus is rightfully at the top of the list of most wanted botnets in North America. It is believed to be involved in the vast majority of banking fraud. From 2007 to the present, the botnet has been used to steal payment data for online banking transactions. The Trojan, which aims to intercept passwords for users' payment systems, has caused more than $100 million in damage. A guest account is enough to infect a Windows-based device. Many users fell victim to the botnet after being infected through email spam, trap links, and social networks. Zeus has been involved in the creation of hundreds of disparate botnets that are used to steal online banking credentials to this day.
The beginning of 2021 was marked by the emergence of new threats. The FreakOut botnet attacked Linux devices. Botnet operators exploited several vulnerabilities in the software installed on the devices. Hackers could use the infected devices to conduct DDoS attacks or mine cryptocurrency. Then one more version of Mirai made itself known. The attack targeted network devices through recently discovered vulnerabilities and several unknown bugs. Another botnet followed a well-known pattern and attacked Android devices via a debugging interface. Experts believe that this trend will continue. In the near future, the number of DDoS attacks on various online resources will increase manifold. There are several reasons for this:
- an increase in the number of potential hackers among students who have switched to distance learning due to the pandemic;
- an increase in the load on Internet resources due to the transition of many employees to remote work;
- the emergence in the public domain of powerful tools for organizing DDoS attacks.
In addition, the power of DDoS attacks may increase due to the development of 5G networks. The latest technology will allow each mobile device to send more than 1 Gbit/sec. If an operator has many infected gadgets, the total volume may reach several Tbit/sec. It would be very difficult to repel such an attack. On top of that, it is worth considering the increased use of bots when launching DDoS attacks. This will only add fuel to the fire.