Security News

Findings from Link11's H1 2020 DDoS Report reveal a resurgence in DDoS attacks during the global COVID-19 related lockdowns. The new method of attack was used hundreds of times for DDoS attacks during the COVID-19 pandemic in the second quarter of 2020.

DDoS attacks have become a global risk, and as attacks continue to increase in complexity, further spurred by the pandemic, ISPs will have to strengthen their security measures. While DDoS attacks disrupt service for large companies and individuals alike, ISPs face increasing challenges to curb undetectable and abnormal traffic patterns before they evolve into uncontrollable reflection attacks.

Hackers continue to exploit the recently patched BIG-IP security flaw and they have plenty of potential targets as researchers have identified thousands of vulnerable systems. The security hole has been described as a critical remote code execution vulnerability that can be exploited to take complete control of a system.

In the first quarter of 2020, DDoS attacks rose more than 278% compared to Q1 2019 and more than 542% compared to the last quarter, according to Nexusguard. Researchers attribute the sharp rise in incidents to malicious efforts during the COVID-19 pandemic, causing DDoS attacks to interrupt service for large companies and individuals alike.

Australia will hire 500 hackers as part of a AU$1.35bn boost to protect the nation's networks from a wave of cyber attacks. Prime Minister Scott Morrison announced this morning that the government would funnel the money from existing defence funding over the next decade to bolster the capabilities of the Australian Signals Directorate and the Australian Cybersecurity Centre.

A recently identified piece of cryptojacking malware includes functionality that enables its operators to launch distributed denial of service attacks, Palo Alto Networks reports. The malware enables itself with debug privilege and begins operation by launching several threads.

A man who developed distributed denial of service botnets based on the source code of Mirai was sentenced to 13 months in federal prison. Initially based on the publicly available Mirai source code, the botnets received additional capabilities over time, which increased their complexity and efficiency, the DoJ says.

The United States Department of Justice yesterday sentenced a 22-year-old Washington-based hacker to 13 months in federal prison for his role in creating botnet malware, infecting a large number of systems with it, and then abusing those systems to carry out large scale distributed denial-of-service attacks against various online service and targets. According to court documents, Kenneth Currin Schuchman, a resident of Vancouver, and his criminal associates-Aaron Sterritt and Logan Shwydiuk-created multiple DDoS botnet malware since at least August 2017 and used them to enslave hundreds of thousands of home routers and other Internet-connected devices worldwide.

Akamai on Thursday revealed that it mitigated a second record-setting distributed denial-of-service attack since the beginning of June, one that peaked at 809 MPPS. Earlier this month, the company shared details on the mitigation of a 1.44 TBPS DDoS assault that reached 385 MPPS at its peak, but the more recent incident, which happened on June 21, was more than double the size in terms of PPS. The attack, which lasted just over 10 minutes, reached 418 GBPS within seconds, and 809 MPPS in two minutes. Designed to overwhelm DDoS mitigation systems through a high PPS load, the attack involved the use of packets carrying 1 byte payloads, Akamai says.

Akamai reckons it blocked what may be the largest distributed denial-of-service attack ever, in terms of packets per second. The security team told The Register it is the largest such attack Akamai has ever encountered, let alone blocked, and the CDN believes that it is likely the largest DDoS attack to hit any network, in terms of packets per second.