DDOS Amplification Attack Study Shows Effectiveness

http://www.christian-rossow.de/publications/tcpamplification-woot2014.pdf

written by:

Marc Kührer, Thomas Hupperich, Christian Rossow, Thorsten Holz
Horst Görtz Institute for IT-Security, Ruhr-University Bochum, Germany
The researchers did a variety of scans – udp and tcp based scans to test the Internet.
potentialDDOSamplifiersinStudy
This table means that there are hundreds of thousands potential computers(network devices) on the Internet that can be used to attack other computers  using a specialized DDOS amplification attack.
This means that the criminal hacker has many ways to attack our infrastructure.
Here is a past post on DDOS (successfully brought down a site for 45 hours)
ddos-reflectorattacks1
So the problem is there are many ways to make attacks
{ From the viewpoint of an attacker, also the number of amplifiers is important to scale up the overall attack bandwidth. For UDP, Approximately 2.8 million NetBIOS amplifiers, 30.5 million DNS amplifiers, and 87,463 NTP monlist amplifiers could be found [6]. Especially the huge number of DNS amplifiers can cause a considerably higher impact (about 10x compared to an attack using FTP) than any TCP protocol in Table 4. }
We are susceptible to DDOS attacks. no ifs or buts.
Remember this attack?
sonysitenotavl
And as there are zombie computers the available attackers are always going to be there…
The attack the researchers are talking about are about reflective attacks which do not require  zombies… there will also be zombie DDOS attacks.
So we know attacks are coming now what?
In the Hotschedules attack the CEO said that

{ Considering that 90 percent of companies suffer DDoS attacks, protection is worth it, no matter how much it may cost. }

So if you have an Internet based business you have to take DDOS attacks into your risk management analysis.

There are things you can do… it may not be cheap though. It all depends  on your situation.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.