DDoS Assaults Becoming More-and-More Frequent and Big-Sized, Reports Incapsula

Incapsula the specialist in website security has conducted one fresh research according to which, there is an increasing frequency and size of DDoS (distributed denial-of-service) assaults, as online crooks make their attack techniques more advanced for counteracting better-than-before security defenses, published ibtimes.co.uk dated March 28, 2014.

There are 2 most frequently found distributed denial-of-service assaults, states the study. These are network assaults that utilize massive amounts of traffic for hitting most sensitive infrastructures namely Internet connected systems called servers, or application-layer assaults that attack particular websites with the help of botnets (huge networks of zombie PCs).

Traffic generated from application-level DDoS assaults, indicates the report, have increased 240% during 2014 from 2013.

Compromised PCs compiled to make the botnets are distributed across all regions of the globe, with half of all botnet assaults emerging from merely ten countries of which Iran, China and India are responsible for generating over 25% of the entire bot-traffic. Among the attacking nations, USA is on No.5.

The majority of these botnets contain conventional PCs. Cyber-criminals tend to more-and-more attack network PCs, as evident from Incapsula's report as to how CCTV cameras get attacked the most because of their default passwords that are easy to guess.

Meanwhile, there's much to feel impressed about the attack scenario: 29% of the bot-infected PCs that execute DDoS assaults have the capability of running JavaScript, while 4 in 100 botnet assaults are aimed at over half of the targets on a monthly basis.

With rise in the total number of assaults, there's also an increasing sophistication of DDoS bots. During Q4-2013, Incapsula indicated how for the first time DDoS bots, amassed via browser attacks, managed in circumventing both Cookie and JavaScript filters continuing further through 2014 when 30 in 100 bots that attacked managed in accepting as well as storing cookies.

Bots currently invade systems with the help of masked user-agents that aid in circumventing not-so-sophisticated filters. That's possible assuming bots that project to be browsers or search engines don't get isolated.

Incapsula's research reportedly spanned between November 30, 2013 and February 27, 2014 completing a full 90-day phase.

» SPAMfighter News - 4/7/2014