DDOS attacks are leveraging the cloud

DDOS attacks are leveraging the cloud

The latest quarterly report on distributed denial of service attacks by Prolexic finds that this year’s DDOS attacks are packing more of a punch.

The attacks during Q2 2014 were shorter but used more bandwidth and delivered more packets than during the same period last year. This is due, at least in part, to the cloud. In addition to using reflection and amplification techniques, attackers also exploited vulnerable servers, more powerful than PCs, the report concludes.

“When building server-side botnets, attackers have been targeting platform-as-a-service and software-as-a-service vendors with server instances running software with known vulnerabilities,” the authors wrote. These include versions of Linux, Apache, MySQL, PHP stack and Microsoft Windows server operating systems. These exploits allowed attackers to not only leverage the power of the cloud, but to hide in it as well, using the vendors’ IP reputations to help ensure that packets get through to their targets.

Prolexic found that these cloud-based attacks were observed in “the most sophisticated and carefully orchestrated DDOS campaigns.” But because of their effectiveness, the analysts expect them to continue. “They pose a significant danger to businesses, governments and other organizations that could have an entire data center taken offline for the duration of the attack,” they wrote.

About the Author

William Jackson is a Maryland-based freelance writer.

Featured

  • Records management: Look beyond the NARA mandates

    Records management is about to get harder

    New collaboration technologies ramped up in the wake of the pandemic have introduced some new challenges.

  • puzzled employee (fizkes/Shutterstock.com)

    Phish Scale: Weighing the threat from email scammers

    The National Institute of Standards and Technology’s Phish Scale quantifies characteristics of phishing emails that are likely to trick users.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.