Distributed denial of service attacks (DDoS) attacks in general are on the rise. That is according to a United States’ Internet Crime Complaint Center (IC3). That’s a partnership between the Federal Bureau of Investigation (FBI), the National White Collar Crime Center (NW3C), and the Bureau of Justice Assistance (BJA).
IC3 reports –
One reason may be due to the availability of software tools like LOIC, Slow Loris and BE botnet, which allow anybody to participate in a distributed attack.
Gaming sites in particular have come under attack by multiple hacking groups. Open source of intelligence indicates that some of the attacks are supposedly in response to the company itself, while other attacks are in response to group rivalries.
It appears that social engineering of followers of some of these media-driven hacking groups have influenced others in participating in the attacks thus adding to the intensity of these DDoS attempts.
It is also worthy to note that some DDoS attacks have been used to distract the organisation from other criminal activity. One group will cause the traffic disruption, while the others attempt to compromise servers and exfiltrate data.
The IC3 continues to receive complaints reporting DDoS attacks, often to smaller e-commerce based businesses. One reported attack was DNS based. The company reportedly had 165 million hits over a three-day period, which overloaded their network and crashed their site. They stated their
web hosting company attempted multiple solutions over the course of the attack, which lasted about ten days.
Another reportedly exhausted every avenue available to combat an attack to their site, but was unable to stop it because of the overwhelming intensity. They reported the attack mainly concentrated on the Internet banking services segment of the site, and the attackers were not successful in penetrating the network, gaining access to any internal function. However, the attackers inundated the incoming communication lines with more than 8,000 hits per second to the bank’s login screen, eliminating access to the bank by its clients.