DDOS Attacks Incident Analysis
Introduction
The incidents of malware attacks have been rose 10 times since 2009 out of which 92% of the malware were delivered by mails. Malware and Distributed denial of service attacks continue to host the botnet control servers in the world out of which 7 out 10 malware were ransomware. The average cost of data breach to the companies is $3.86 million that takes on an average of 191 days to identify a data breach (Yik Ern, Alfred. 2019).
A distributed denial service attack occurs when an attacker or a group of attackers trying to invade the services delivered. It can be possible by thwarting access virtually of anything be it devices, services, networks, applications or even specific transaction applications. The impact of the DDOS attack could range from a minor annoyance to huge costing to business. The primary motive of DDOS and DOS is to compromise the availability of a system thereby weakening the system on a major stance. This article evaluates the effect of DDOS attacks on mobile platform reporting incidents analysis till the date.
Background
Technologies such as General Packet radio service (GPRS), GSM (Global System for mobile communication), Universal Mobile Telecommunication System (UMTS), Enhanced Data rates for GSM Evolution (EDGE) and Bluetooth smartphones are doors to DDOS where malware infiltrates to carry out malicious activities. EDGE was introduced in an attempt of improving GPRS and to enhance the reliability of the service. Besides these constant efforts, malware block the legitimate users, steal their private data exploit devices from vulnerabilities. Under the DDOS attack, malware induces Trojans, botnets, rootkits, virus and worms. Worms are self-replicating reports whereas viruses are self-replicating codes, Trojan seems friendly software, rootkit focusing on installing Trojans that in turn disable firewalls, antiviruses. At last group of botnets used to immobilize the system and fetching significant details.
Major DDOS Attack Events
The kind of DDOS attack that occurs is mostly untraceable because of the low adoption of counter spoofing. According to assignment help experts, the DDOS attack on a company website causes a data centre infrastructure downturn, preventing legitimate users from buying the company’s products. During DDOS attacks attackers use a large number of exploited machines including the Internet of things, personal computers, and network servers, to send a flood of traffics.
In 2017 cybercrime, DDOS attacks have grown by 93%. The biggest DDOS spoofing attack took place in September 2017 when attackers sent spoofed packets to 180,000 web servers that in turn sent a message to the GOOGLE (Columbus, 2020). The attack hadn’t took place from a single spot even multiple attackers were collaborated over the past six months to attack Google infrastructure.
Another major incident of DDOS attack witnessed in February 2020 at AWS when the site saw sudden traffic at a rate of 2.3 terabits per second (Tbps). The attacker used connection-less Lightweight Directory Access Protocol (CLDAP) web servers that are an alternative to LDAP. In recent years multiple DDOS attackers have used CLDAP to hijack the complete web server.
DDoS attack recorded by Github is the largest one to date. The attack has sent .3 Tbps, packets at 126.9 million per second rate. Fortunately, Github was using DDOS protection alerted the system in 10 minutes within the attack. The massive DDOS attack was going on for 20 minutes (Fruhlinger, 2021).
Following Github, in the history of mankind, no one can forget the Mafiaboy attack placed in 2000. A single 15 years boy named Mafia boy caused harm to major websites including DELL, e bay, Yahoo, E-trade, CNN. The attack has produced huge repercussions including the clashing of the stock market.
The largest and unforgettable Spamhaus attack at Spamhaus, an organization directing users to combat spam-related mails filtering as much as spam got attacked in 2013. The site started receiving traffic 300 Gbps suddenly. In fact, the attack caused major issues in the London internet exchange.
Kinds Of DDOS Attack
Broadly speaking a DDOS and Dos attack is categorized into three major types-
Volume-based attacks– It includes, ICMP floods UDP floods, and other spoofed-packet floods. The prime goal of an attacker is to saturate the bandwidth of attacked site that is measured in bits per second.
Protocol attacks– This consists of major DDOS Events such as SYN floods attacks, fragmented packet Smurf DDoS, and, Ping of Death. The core purpose of this form of attack is to consume significant data of the website, disturbing immediate communication requirements, for instance, load balancers, firewalls (Gupta, 2004)
Application layer attacks– Including long and short attacks targeting Apache, Windows, Open BSD vulnerabilities seeminglessly made to crash the website that is measure in Requests per second (Rps). To know about cybersecurity based major laws in Arab, take essay writing help from Arabessay experts anytime.
UDP Flood | Ping Flood | SYN flood | Ping of Death |
Here attackers flood the targeted website via User Datagram Protocol (UDP) packets. The goal of this sort of attack is to create a flood in the random site of the host (Imperva.2020) | ICMP overwhelm the target source ICMP Echo Request (ping) packets, generally, attackers send the packets on a large amount without waiting for the responses. | An SYN flood targets the vulnerable TCP connection sequence confirmed by ACK response. Attackers send multiple SYN requests to the host site | Attackers send multiple pings where the size of ping packets would be 65,535 bytes (Pawar, Mohandas & Anuradha, 2015). In the end, the host target will end up with IP packets causing denial to the legitimate packets. |
Cyber Security Risks
According to the report of purplesec.com, 2018 80,000 cyber-attacks per day has identified in 2018. In any way, 20% of the DDOS created traffic is not able to combat. 70% of the company’s representatives have accepted cybersecurity risks increased significantly than in 2019. In the same report, it was highlighted over the past few years, MacOs malware and DDOS attack were increased by 165%. Also, it was notified 7 out of 10 malware were ransomware. However, experts and assignment helpers have expressed malware development from windows reduced by 11%. Crossing over 18 million websites was attacked by malware and DDOS at some point in a week. 50% of the companies are experiencing an industrial control system security. With government initiatives and companies alertness, 5.4 billion WannaCry virus attacks were blocked. As cyber security threat causing an alarming situation, every country are connected and come to together to develop highly protected software to stop breaching acts.
Conclusion
DDOS attack has become a serious problem for the current business since every incident creates either reduction in business process or ample data get lost. This blog explored The Impact of DDOS attacks that could range from a minor annoyance to huge costing to business. However, blog ended up on the identified primary motive of DDOS and DOS i.e. enabling compromising the availability of a system thereby weakening the system on a huge level.
References
Columbus. L, 2020. Why Integrating Network Technology & Security Makes Sense Now. Available at-
Fruhlinger. J. 2021. DDoS explained: How distributed denial of service attacks are evolving. Available at- https://www.csoonline.com/article/3222095/ddos-explained-how-denial-of-service-attacks-are-evolving.html Data accessed on 7 September 2021
Gupta, Vaibhav & Goswami, Sumit & Kumar, Ashok & Singh, Mohinder. 2004. Networking and Security Measures. DESIDOC Bulletin of Information Technology. 24. 10.14429/dbit.24.2.3621.
Imperva.2020. Distributed denial of service attack (DDoS) definition. Available at- https://www.imperva.com/learn/ddos/ddos-attacks/ Data accessed on 7 September 2021
Pawar, Mohandas & Anuradha, J.. 2015. Network Security and Types of Attacks in Network. Procedia Computer Science. 48. 10.1016/j.procs.2015.04.126.
PurpleSec.(2020)Cyber Security Statistics The Ultimate List Of Stats, Data & Trend. Available at https://purplesec.us/resources/cyber-security-statistics/ Data accessed on 7 September 2021Yik Ern, Alfred. 2019. Network Security. 10.13140/RG.2.2.19900.59526.