DDOS attacks are leveraging the cloud

The latest quarterly report on distributed denial of service attacks by Prolexic finds that this year’s DDOS attacks are packing more of a punch.

The attacks during Q2 2014 were shorter but used more bandwidth and delivered more packets than during the same period last year. This is due, at least in part, to the cloud. In addition to using reflection and amplification techniques, attackers also exploited vulnerable servers, which are more powerful than PCs, the report concludes.

“When building server-side botnets, attackers have been targeting platform-as-a-service and software-as-a-service vendors with server instances running software with known vulnerabilities,” the authors wrote. The vulnerable software includes versions of the Linux, Apache, MySQL and PHP stack and Microsoft Windows server operating systems. These exploits allowed attackers not only to leverage the power of the cloud, but to hide in it as well, using the vendors’ IP reputations to help ensure that packets get through to their targets.

Prolexic found that these cloud-based attacks were observed in “the most sophisticated and carefully orchestrated DDOS campaigns.” But because of their effectiveness, the analysts expect them to continue. “They pose a significant danger to businesses, governments and other organizations that could have an entire data center taken offline for the duration of the attack,” they wrote.

About the Author

William Jackson is a freelance writer and the author of the CyberEye blog.

Reader Comments

Tue, Jul 29, 2014 William Jackson

The DDOS danger described in the report is the ability of the attacker to use cloud-based servers as an attack platform. Because of the cloud's ability to accommodate spikes in demand, this makes cloud-based server-side botnets potentially more powerful than a traditional botnet. If the target is also located in a cloud, throwing bandwidth at the problem could be an effective defense, but if it is a case of Cloud vs. Cloud it might not always work.

Tue, Jul 29, 2014 Chris Parente Alexandria VA

Bill -- hope you're well. Been enjoying your coverage of DNS and security-related topics for years. Question -- this article would seem to suggest that leveraging the cloud makes an agency more susceptible to DDoS attacks. However, wouldn't using a hybrid cloud approach actually provide MORE protection from DDoS? Reasoning -- the immense computing power and size of the cloud instance being connected to -- let's use AWS as an example -- would allow the agency in a DDoS emergency to "throw bandwidth at the problem," to use the industry phrase. This sound plausible to you, and to your knowledge any providers out there suggesting this to agencies? Enjoy the rest of your summer.
