DDOS attacks are leveraging the cloud

DDOS attacks are leveraging the cloud

The latest quarterly report on distributed denial of service attacks by Prolexic finds that this year’s DDOS attacks are packing more of a punch.

The attacks during Q2 2014 were shorter but used more bandwidth and delivered more packets than during the same period last year. This is due, at least in part, to the cloud. In addition to using reflection and amplification techniques, attackers also exploited vulnerable servers, more powerful than PCs, the report concludes.

“When building server-side botnets, attackers have been targeting platform-as-a-service and software-as-a-service vendors with server instances running software with known vulnerabilities,” the authors wrote. These include versions of Linux, Apache, MySQL, PHP stack and Microsoft Windows server operating systems. These exploits allowed attackers to not only leverage the power of the cloud, but to hide in it as well, using the vendors’ IP reputations to help ensure that packets get through to their targets.

Prolexic found that these cloud-based attacks were observed in “the most sophisticated and carefully orchestrated DDOS campaigns.” But because of their effectiveness, the analysts expect them to continue. “They pose a significant danger to businesses, governments and other organizations that could have an entire data center taken offline for the duration of the attack,” they wrote.

About the Author

William Jackson is a Maryland-based freelance writer.

Featured

  • 2020 Government Innovation Awards
    Government Innovation Awards - https://governmentinnovationawards.com

    21 Public Sector Innovation award winners

    These projects at the federal, state and local levels show just how transformative government IT can be.

  • Federal 100 Awards
    cheering federal workers

    Nominations for the 2021 Fed 100 are now being accepted

    The deadline for submissions is Dec. 31.

Stay Connected