Juke left – go right

Distributed Denial of Service (DDoS) attacks can take on many forms. They can be carried out by hackers, competitors, former employees, be state-sponsored or could even be carried out by dissatisfied customers who are looking for revenge. In this blog post, you'll learn more about how DDoS attacks work, how they are being used and what you can do to keep your assets safe.

Nov 26, 20206:00 AM2 min read

A common use of DDoS attacks is to distract those whose job is to stop the attack, by redirecting their attention from other cybercrimes being committed at the same time. For example, a company could fall victim to a DDoS attack and as staff are busy trying to fix the problem, attackers could be downloading passwords and login information - which could be used to go even deeper into the victim’s various systems. The attackers could exploit this information instantly, or they could wait several months before they return with a targeted attack. What is more, the reality is that 30% of all companies will, at some point, be exposed to a DDoS attack.

Botnets lay the foundation for DDoS attacks, as it’s all about sending as much traffic as possible at a targeted organization. A common expression is that no system is stronger than its weakest link. Take KashmirBlack for example, which still exploits a weakness in various CMS-systems’ PHP Unit – which was reported as early as in 2017 (CVE-2017-9841). Hackers usually target CMS systems as they often have low security and use old or outdated versions of various components. The person responsible for the system must therefore look at the bigger picture and not only ensure, for example, that individual users are up to date. KashmirBlack is controlled from a C&C server and has more than 60 additional servers at its disposal, which often are completely unaware that they are part of a botnet. These servers control hundreds of thousands of bots and instruct them to carry out attacks, expand the botnet, and install malicious code.

We often see that customers are unaware of what exactly they are exposing on the internet. In addition to a CMS system, it could also involve an online invoice or webmail, as well as a number of IoT devices - which are currently increasing exponentially in numbers. Today, there are approximately 7.7 million IoT devices connected, but, according to ENISA, only 1 in 20 of these are protected behind a firewall.

With strong, cloud-based DDoS protection, you lay the foundation for an effective defense that stops the botnet and ensures that you won’t get unwanted traffic to your network connection.

Stay safe out there!

Nov 26, 20206:00 AM

Ola Björling

Related posts

Blog

A day in life for a Data Scientist

2 min read
Blog

A warning to the CISO! My kids are coming!

2 min read