Large DoS Attacks More Than Quadruple in 2013: Study
The majority of denial-of-service attacks now exceed 1G bps, according to a new report from Arbor Networks.While the vast majority of denial-of-service attacks continues to be the typical background "noise" of rival gamers, online criminals and Internet vandals causing problems for each other, the more serious, higher-bandwidth attacks have quadrupled, according to a quarterly report released Oct. 16 by Arbor Networks. Denial-of-service (DoS) attacks exceeding 20G bps, which will overwhelm almost any online service's bandwidth, more than quadrupled so far in 2013, compared with the previous year, according to the network management firm. While the attacks account for only approximately 1 percent of all data floods, the increase in large-bandwidth DoS attacks suggests that more serious groups are now using denial of service as a common tactic. The surge in the number of "over 20G bps attacks shows that you have a lot of activity driven by other motivations," Dan Holden, Arbor's director of security research, told eWEEK. "That number increasing that much is showing that there is a lot of growth in more serious attack motivations." Denial-of-service attacks are increasingly used as part of hacktivism and cyber-criminal campaigns in a variety of ways. Extortion scams used packet floods to overwhelm online gambling, retail and other sites that quickly lose money if their customers cannot connect; paying the ransom will allegedly stop the attacks, for a while. Online thieves use DoS attacks to distract defenders at financial institutions, so they are less vigilant during account thefts. Hacktivists, such as the al Qassam Cyber Fighters, disrupted financial institutions to incur costs to Western companies.
Yet most attacks are gamers who use short DoS attacks to kick opponents offline during a game, rival cyber-criminal organizations who seek advantage in the underground and Internet vandals who do it for fame. These "short, sharp" attacks have dominated packet floods, according to Holden. While the bandwidth used by the average DoS attack jumped 78 percent, seven out of every eight attacks lasts less than an hour.