2016 Attack Trends
by Daniel Smith
2016 has been an eventful year for denial-of-service attacks. The industry as a whole has seen the largest attacks ever, along with new attack vectors designed to test and challenge modern-day defenses. Every year Radware’s ERT sees millions of attacks, and throughout the year our ERT researchers review and analyze them to gain further insight into trends and changes in the attack vector landscape.
This year, two of the most common trends among attackers were burst attacks, aka “hit and run”, and advanced persistent denial of service (ApDoS) campaigns. Throughout the year we have observed a number of attackers using short bursts of high-volume attacks at random intervals, as well as attacks that have lasted weeks and involved multiple vectors aimed at all network layers simultaneously. These types of attacks tend to cause frequent disruptions to a network server’s SLA and can prevent legitimate users from accessing your services.
Hackers are also searching for new vectors and methods to carry out their network-crippling attacks. This year we saw an explosion in the use of Internet of Things (IoT) devices to create powerful botnets, along with a number of new attack vectors such as BlackNurse, an ICMP attack. Most notable was the release of the Mirai botnet source code by a user on HackForum. This botnet utilized 60+ factory default credentials found on BusyBox-based IoT devices and created the most powerful botnet seen to date. One of the more interesting factors behind Mirai was the Generic Routing Encapsulation (GRE) attack vector. This relatively new method encapsulates packets with a large amount of data in an attempt to exhaust resources as the receiving network de-encapsulates the payload.
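As a defender-side illustration of the GRE vector described above, the following added example (not code from Radware or from the original post) parses GRE-in-IPv4 packets and totals, per destination, the GRE packets that carry a large inner payload. The function names, the 512-byte threshold and the sample packets are assumptions constructed for this sketch.

```python
import struct
from collections import defaultdict

GRE_PROTO = 47  # IPv4 protocol number assigned to GRE

def parse_gre(packet: bytes):
    """Return (dst_ip, inner_ethertype, inner_len) for GRE-in-IPv4, else None."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or packet[9] != GRE_PROTO or len(packet) < ihl + 4:
        return None
    flags, ethertype = struct.unpack_from("!HH", packet, ihl)
    # Optional 4-byte fields per RFC 2784/2890: checksum (C), key (K), sequence (S)
    hdr = 4 + 4 * sum(bool(flags & bit) for bit in (0x8000, 0x2000, 0x1000))
    if len(packet) < ihl + hdr:
        return None
    dst = ".".join(str(b) for b in packet[16:20])
    return dst, ethertype, len(packet) - ihl - hdr

def gre_volume(packets, min_inner=512):
    """Per destination: (packet count, inner bytes) for GRE packets whose
    encapsulated payload is at least min_inner bytes (assumed threshold)."""
    stats = defaultdict(lambda: [0, 0])
    for pkt in packets:
        parsed = parse_gre(pkt)
        if parsed and parsed[2] >= min_inner:
            stats[parsed[0]][0] += 1
            stats[parsed[0]][1] += parsed[2]
    return {dst: tuple(v) for dst, v in stats.items()}

def _ipv4(proto, dst, payload):
    # Builder for constructed sample packets (header checksum left at zero)
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, bytes([198, 51, 100, 7]), bytes(dst))
    return hdr + payload

# Constructed sample traffic using documentation address ranges
SAMPLE = [
    _ipv4(47, [203, 0, 113, 10], struct.pack("!HH", 0, 0x0800) + b"\x00" * 1000),
    _ipv4(47, [203, 0, 113, 10], struct.pack("!HHI", 0x2000, 0x6558, 1) + b"\x00" * 600),
    _ipv4(47, [203, 0, 113, 10], struct.pack("!HH", 0, 0x0800) + b"\x00" * 40),
    _ipv4(17, [203, 0, 113, 10], b"\x00" * 1000),  # UDP, not GRE
]

if __name__ == "__main__":
    print(gre_volume(SAMPLE))
```

In practice the per-destination totals would be compared against a baseline for links that legitimately carry GRE tunnels, since protocol 47 traffic toward hosts that terminate no tunnels is the anomaly worth alerting on.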
Read more: http://ow.ly/hhqk306RtWc