DDoS attacks could soon be bigger and more dangerous than ever


Threat actors have finally started using a Distributed Denial of Service (DDoS) method that has the potential to be hundreds of times stronger than the strongest recorded attacks.

Cybersecurity researchers from Akamai recently published a report detailing their discovery of a DDoS attack that abuses middleboxes, reaching 11 Gbps and 1.5 million packets per second.

We say “finally”, because this type of attack was first theorized almost a year ago by security researchers at the University of Maryland and the University of Colorado at Boulder. 


Hundreds of thousands of misconfigured servers

The researchers’ paper noted there is an entire swarm of misconfigured servers out there, counting more than 100,000 endpoints, that could be abused to amplify the data threat actors use in their DDoS attacks. 

These servers, also known as middleboxes, are usually deployed by nation-states and used to censor unwanted content or to block pirated content, porn, or gambling sites.

The misconfiguration lies in the fact that these servers don’t follow the Transmission Control Protocol (TCP) specifications, which demand a three-way handshake before a connection is established.
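The handshake rule described above can also be checked on the receiving side. The following is an added example, not code from the article, Akamai, or the researchers: it tracks the three-way handshake per flow and flags inbound data segments that belong to no completed handshake, which is what reflected middlebox responses look like to the target. The `Pkt` record layout and all addresses are constructed for illustration.

```python
from collections import namedtuple

# Constructed record layout: direction is "in" or "out" relative to the protected host.
Pkt = namedtuple("Pkt", "direction peer peer_port local_port flags payload_len")

def find_unsolicited_data(packets):
    """Return inbound data segments that arrive outside a completed TCP handshake."""
    flows, alerts = {}, []          # flow key -> (stage, direction of the initiator)
    for p in packets:
        key = (p.peer, p.peer_port, p.local_port)
        flags = frozenset(p.flags.split("+"))
        st = flows.get(key)
        if "RST" in flags:
            flows.pop(key, None)
        elif flags == {"SYN"}:
            flows[key] = ("SYN", p.direction)
        elif flags == {"SYN", "ACK"} and st and st[0] == "SYN" and st[1] != p.direction:
            flows[key] = ("SYNACK", st[1])
        elif "ACK" in flags and st and st[0] == "SYNACK" and st[1] == p.direction:
            flows[key] = ("ESTABLISHED", st[1])
        if p.direction == "in" and p.payload_len > 0:
            cur = flows.get(key)
            if not cur or cur[0] != "ESTABLISHED":
                alerts.append(p)    # data for a connection that was never set up
    return alerts

def unsolicited_bytes_by_peer(packets):
    """Sum unsolicited payload bytes per source address."""
    totals = {}
    for p in find_unsolicited_data(packets):
        totals[p.peer] = totals.get(p.peer, 0) + p.payload_len
    return totals

# Constructed sample traffic (documentation address ranges).
SAMPLE = [
    Pkt("out", "198.51.100.10", 443, 50000, "SYN", 0),       # normal outbound flow
    Pkt("in",  "198.51.100.10", 443, 50000, "SYN+ACK", 0),
    Pkt("out", "198.51.100.10", 443, 50000, "ACK", 0),
    Pkt("in",  "198.51.100.10", 443, 50000, "PSH+ACK", 1200),
    Pkt("in",  "198.51.100.20", 40000, 443, "SYN", 0),       # normal inbound flow
    Pkt("out", "198.51.100.20", 40000, 443, "SYN+ACK", 0),
    Pkt("in",  "198.51.100.20", 40000, 443, "ACK", 0),
    Pkt("in",  "198.51.100.20", 40000, 443, "PSH+ACK", 300),
    Pkt("in",  "203.0.113.5", 80, 34567, "PSH+ACK", 1400),   # no handshake seen
    Pkt("in",  "203.0.113.7", 80, 34568, "ACK", 900),        # no handshake seen
]

if __name__ == "__main__":
    print(unsolicited_bytes_by_peer(SAMPLE))
```

A capture that starts mid-connection will flag flows whose handshake it never saw, so the tracker needs to be running before the traffic it judges.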

Akamai says threat actors are already targeting sites in the banking, travel, gaming, media, and web-hosting industries.

Amplification works by spoofing the target’s IP address, and bouncing relatively small amounts of data at a misconfigured server used for resolving domain names, syncing computer clocks, or speeding up database caching. 

When the server responds, it sends data packets up to hundreds of times bigger, easily overwhelming the spoofed target. According to the researchers, the amplification factor ranges from 54 times to an astonishing 51,000 times.

Discussing Akamai’s findings with ArsTechnica, Kevin Bock, the lead researcher behind the research paper published by the University of Maryland and the University of Colorado at Boulder, said he wasn’t surprised.

“We expected that it was only a matter of time until these attacks were being carried out in the wild because they are easy and highly effective. Perhaps worst of all, the attacks are new; as a result, many operators do not yet have defenses in place, which makes it that much more enticing to attackers.”

Via: ArsTechnica

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
