The sharp spike in DDoS attacks were headed mainly by the Mirai malware – where storms of DDoS attacks targeted and took advantage of unsecured Internet of Things (IoT) devices to build massive botnets, launching DDoS attacks on a scale that the industry had never seen before.
The mammoth proportions of these attacks exceeded 1Tbps – which broke into new thresholds.
Worryingly, Mirai isn’t being slowed in its tracks.
Instead, researchers are beginning to believe that Mirai is just the start of things to come. Making public the code needed to launch an IoT-powered botnet was a first salvo. Leet, a rival botnet malware, has been hot on the heels of Mirai and used SYN payloads different than Mirai. This saga will only progress this year.
>See also: DDoS attacks: why size isn’t everything
Intel Security senior vice president and general manager Christopher Young warned that Mirai is thriving in his keynote presentation at RSA Conference 2017.
“We can’t think of the Mirai botnet in the past tense. It’s alive and well today, and recruiting new players,” he said.
So, it looks like this this is the era of the DDoS of Things (DoT), and by 2020 it’s estimated that there will be 24 billion connected IoT devices, which will add to the growing threat.
The DDoS of Things is pushing ahead at full steam, already powering bigger,smarter and more devastating multi-vector attacks than ever imagined.
Bad actors use IoT devices to build botnets which fuel colossal DDoS attacks. The DoT is reaching critical mass — recent attacks have leveraged hundreds of thousands of IoT devices to attack everything from large service providers and enterprises to gaming services, media and entertainment companies.
As an attack method, it’s now even easier for attackers to commandeer IoT devices for nefarious purposes. It’s common knowledge that many devices have unsecure default credentials and the basic instructions that are available online make it easy for criminals to take advantage. The DDoS-for-hire market is developing at a quick rate.
In fact, this increased activity has lead Deloitte Global to predict that attacks reaching or exceeding 1 Tbps or more will be commonplace in 2017. Deloitte posits that there will be an average of one 1 Tbps attack or larger per month this year, as the total number of DDoS attacks surpasses 10 million globally.
Need more proof? This DDoS of Things infographic has numbers that are as startling as they are informative. For example, there are roughly 3,700 DDoS attacks per day, and the cost to an organisation can range anywhere from £10,000 to £2 million per incident. And once a business is attacked, there’s an 82 percent change they’ll be attacked again.
DDoS attacks are damaging, so it’s vital to take precautions to stop the attacks in their tracks. Along with service disruption, DDoS attacks have a lasting impact that harms your brand, your revenue and your user experience. You need to fight back.
Sourced by Dr Chase Cunningham, director of cyber operations, A10 Networks