DISTRIBUTED DENIAL-OF-SERVICE (DDoS) attacks are getting more powerful and more sophisticated by the day, according to tier-one network provider Level 3 Communications.
Dale Drew, chief security officer at Level 3, said that the company does not even try to come up with a worst case scenario in its planning because "we experience the worst case scenario every year".
"Attack traffic becomes more sophisticated and brings to bear more bandwidth consumption than we have ever seen in years past. As such, we know the threats will only grow and morph," he said.
Part of the reason is that new devices from the IoT are being harnessed for botnets, adding to the amount of traffic that can be focused on a target.
An attack on the KrebsOnSecurity blog last week peaked at 620Gbps. The blog belongs to security expert Brian Krebs, who believes that the attack may have been the result of his exposure of two Israeli teens who ran a business that sold subscriptions to a DDoS attack platform for $20 to $200 a month.
He also said that the attackers seemed to have used a botnet made up of internet-connected devices such as security cameras rather than computers.
The traffic surge that took down Krebs' site, then believed to be a record, was dwarfed a by a similar DDoS attack at around the same time on French web host OVH at a rate of more than 1Tbps, possibly rising as high as 1.5Tbps.
The attack was apparently performed using a botnet of hacked digital video recorders and security cameras, and may have been orchestrated by the same people who hit Krebs, who are now in custody.
The attacks on OVH were first reported on 19 September. Founder Octave Klaba said that after an initial attack of 1.1Tbps, 6,800 new cameras joined the botnet and the site was hit by wave after wave of traffic surges. OVH is back online now.
This botnet with 145607 cameras/dvr (1-30Mbps per IP) is able to send >1.5Tbps DDoS. Type: tcp/ack, tcp/ack+psh, tcp/syn.— Octave Klaba / Oles (@olesovhcom) September 23, 2016
This is not the first time that connected IoT devices have been used in botnets. DDoS attacks on Sony's PlayStation Network and Microsoft's Xbox Live last year were orchestrated through hacked home routers.
The LizardStresser botnet, capable of attacks of up to 400Gbps, targeted IoT devices in June using default passwords that are shared among entire device classes. μ
Alexa, play that 'Let It Go' song 30 times
Webstresser's admins were also arrested as part of major op
Gamers, empty your piggy banks
Vulnerability lurked in the hardcode of the H298N router