Report: More, stronger cyber attacks to flood networks

Report: More, stronger cyber attacks to flood networks
© Thinkstock

A popular cyber attack used to clog victims’ internet connections is being used more frequently at far higher strengths, according to a new report. 

An Arbor Networks report released Tuesday said it detected a drastic increase in the number of so-called distributed denial of service attacks, and more attacks capable of taking down large networks. 

Distributed denial of service attacks (usually abbreviated DDoS) overflow a server with traffic by using hundreds or thousands of computers to simultaneously try to connect to them. The technique can be used to crash websites, communications networks, even networked video games – including, recently, Pokemon Go.

Arbor Networks, which sells DDoS solutions, tracks the number and strength of DDoS attacks by compiling global data from more than 300 internet providers. 

ADVERTISEMENT
According to the report, the average DDoS attack over the first half of 2016 is now capable of swallowing 30% more bandwidth than in 2015, up to 986 megabits a second. 

“That is important because it gets close to the magic number of 1 gigabit a second [1000 megabits] .One gigabit is the amount of bandwidth they are capable of handling,” said Darren Anstee, chief security officer of Arbor Networks. 

The company projects that the average attacks will reach 1.1 gigabits per second (Gbps) by the end of the year. 

At the same time, the company is beginning to see a rapid increase in high-powered attacks. In all of 2015, Arbor Networks only detected 223 attacks over 100 Gbps. This year, they have already seen 274. 

The numbers are even starker at 200 Gpbs. Last year, they saw a total of 16. In the first half of 2016, they have seen 46. 

The increase in strength is, in part, due to better methods of “amplifying” attacks – ways to trick targets into receiving more data than the original computers send out. 

DDoS attacks usually rely on “botnets,” networks of computers with partially hijacked resources. With the increase in the traditionally not-hard-to-hack Internet of Things devices, like internet connected cameras and refrigerators, there is a greater supply of devices to use in these types of attacks. While a toaster is making toast it could also be flooding a major corporation’s network. 

There have been legislative efforts to curb botnets in recent weeks. Law enforcement agencies have sought updates to the rules of search and seizure to make it easier to hack and dismantle botnets, and Sens..Lindsey GrahamLindsey Olin Graham2020 hopefuls skeptical of criminal justice deal with Trump Senate gets to work in August — but many don’t show up Graham: Flynn should lose security clearance MORE (R-S.C.) and Sheldon WhitehouseSheldon WhitehouseDems to challenge Kavanaugh for White House records Overnight Defense: Officials make show of force on election security | Dems want probe into Air Force One tours | Pentagon believes Korean War remains 'consistent' with Americans Dems call for investigation of Trump Air Force One tours MORE (D-R.I.) have routinely introduced botnet legislation with similar powers. But civil liberties advocates have complained that granting law enforcement the ability to hack computers without users permission is a violation of privacy rights.