IoT-powered attacks gain ground
Distributed Denial of Service (DDoS) attacks continue to grow exponentially at an alarming rate, terrorizing websites and severely endangering digital business operations worldwide, according to a report cited IPC, a local cloud pioneer and the only DDoS mitigation service provider in the country with a local data scrubbing facility.
The worldwide study conducted by IPC’s DDoS Mitigation partner Nexusguard revealed that 2016 was a challenging year for data security as IoT (Internet of Things) devices became the favorite conduit for attacks used by cybercriminals, which brought an alarming number of new threats. In the 4th Quarter of the year alone, there was a 152% increase of attacks in December from the previous month.
Real-time data on attacks towards enterprises and service-provider networks worldwide were collected by Nexusguard throughout Q4 2016 via botnet scanning, Honeypots, ISPs, and traffic moving between attackers and their targets.
The data collected showed that hackers used hundreds of thousands of Internet-connected devices that had previously been infected with a malicious code – known as a “botnet” – to force a DDoS attack. These devices are powerful enough to generate attacks such as speeding up password guessing to break into online accounts, mine bitcoins, click fraud, and many more which can lead to significant damage.
“Because IoT and smart devices are becoming prevalent at work and at home, the playing field for hackers is now definitely bigger,” said Niño Valmonte, the Director for Marketing and Digital Innovation of IPC. “A computer is just one of the many entry points into a network. Webcams, CCTV, smart TVs, and even printers — anything that has a connection to the Internet is vulnerable.”
Nexusguard also reports that botnet attacks were being steadily upgraded to the point that not only did it enable 200GB-sized attacks, attack frequency also increased by more than 152 percent. One such attack lasted for 19 hours and 30 minutes.
The rise in the number and size of attacks last year is said to have been boosted by the massive Mirai botnet attack. Since the release of its source code in August, the number of IoT botnets grew from 213,000 to 493,000 in October.
Combined attacks consisting of DDoS and hacking activities were predominantly aimed at financial institutions. Nexusguard reveals in their study that Web Application Firewall (WAF) alerts in the financial sector jumped by 184% from November to December of 2016.