The latest Attack a DDOS Based attack but attackers used late 2003 method of botnets used by Indian Snakes - Yaha-Q mail malware based DDOS attacks
A cyber attack which was executed targeting a single company is now being described by experts as one of the biggest Distributed Denial of Service (DDoS) attacks in Internet history. The attack, which recently began impacting elements of the Internet's physical infrastructure, has been dragging down Internet speeds in the World - but what makes this type of attack different from all other recent attacks ?
The attacks originally targeted a European anti-spam company called Spamhaus, which blacklists what it considers sources of email
spam and sells those blacklists to Internet Service Providers. The
attack began early last week as waves of large but typical DDoS assaults
shortly after Spamhaus blacklisted Cyberbunker, a controversial web hosting company. Cyberbunker has not directly taken responsibility for the attacks against Spamhaus.
In a common DDoS attack, hackers use thousands of computers to send bogus traffic at a particular server in the hopes of overloading it. The computers involved in DDoS attacks have often been previously infected with malware that gave a hacker control of the machine without the legitimate owner's knowledge. Hackers use malware (often sent via email spam)
to amass large networks of infected computers, called "botnets," for
DDoS operations and other purposes and cyber world is known with such
attacks and was executed by Indian Hackers namely Snakes in 2002 where
they used Yaha-Series malware to ddos and paralise the Government Servers of Pakistan .
Spamhaus contracted with security
firm CloudFlare to help mitigate the attacks soon after they began.
CloudFlare has been defending Spamhaus by spreading the attacks across
multiple data centers, a technique that can keep a website online even if it's hit by the maximum amount of traffic a typical DDoS can generate.
These attacks,
however, have evolved into a complex and ferocious beast, pointing up to
300 gigabits per second at an expanding list of targets. How?
After the
hackers realized they couldn't knock Spamhaus offline while it was
protected by CloudFlare, they chose a different tactic: targeting
CloudFlare's own network providers by exploiting a known fault in the
Domain Name System (DNS), a key piece of Internet infrastructure.
Kaspersky Labs, a leading security research group, called it "one of the largest DDoS operations to date."
Internet speeds around the world can be impacted by such large-scale DNS amplified DDoS attacks
because the Internet relies on DNS to work — major interference with
DNS can have consequences for services not necessarily being directly
targeted by such an attack.
What can be done to prevent these tech DDoS attacks?
- Internet Service Providers should implement technologies that prevent hackers from spoofing victims' IP addresses.
- Network administrators need to close any and all open DNS resolvers running on their network.
"Anyone that's running a network needs to go to openresolverproject.org, type in the IP addresses of their network and see if they're running an open resolver on their network, Because if they are, they're being used by criminals in order to launch attacks online. And it's incumbent on anyone running a network to make sure they are not wittingly aiding in the destruction of the Internet."
"The good news
about an attack like this is that it's really woken up a lot of the
networking industry and these things that have been talked about for
quite some time are now being implemented,"
But literally, the attack have open the eyes of both the security pro and the geeeks to work on such attacks and chances are On to handle similar attacks soon
No comments:
Post a Comment