Story image

Any internet user can order cyber attack for less than $20 - study

DE-CIX, the Frankfurt-based operator of the world's largest internet exchange (IX), together with an international team of scientists has published a study which for the first time examines the effects of Distributed Denial of Service (DDoS) attacks and the effects of police countermeasures with alarming results. 

For example, it was found that any internet user can order and have cyber-attacks carried out for less than US$20. 

A measurement infrastructure was set up specifically for this study and DDoS attacks were purchased from DDoS service providers (so-called booter websites), in order to attack the company’s own system. 

The research team also analysed the effects of the international police measures of December 2018 against DDoS service providers. In this regard, 15 booter websites were taken off the internet as part of an action by the FBI and the Dutch police, without any lasting success. 

The project involved researchers from DE-CIX, BENOCS GmbH, Brandenburg Technical University Cottbus-Senftenberg, University of Twente, and the Max Planck Institute for Computer Science in Saarbrücken.

“We were unable to record a sustained improvement in the security situation with regard to DDoS activities on the internet as a result of the police countermeasures of December 2018,” says DE-CIX research and development head Christoph Dietzel.

“After about six days, the frequency of attacks was already back to the old level of an average of 50 NTP (Network Time Protocol) DDoS attacks per hour.

“The measures had caused a drop to thirty attacks per hour,” says Dietzel. 

“Further analyses at the world's largest internet node DE-CIX in Frankfurt revealed DDoS attacks against thousands of targets on the internet occur at any time of day or night.

“Interestingly, we found out that only about 20% of the traffic of an attack goes through our IX in Frankfurt. 

“In this case, one could conclude that the 311 Gbps attack we observed was five times as large at the target, and therefore had an actual traffic rate of 1.555 Tbps. 

"[This means] the attack traffic at the target could often be significantly larger than our measurements show,” says Dietzel. 

“Attacks of this kind can lead to both financial damage and damage to the company’s image and can threaten the very existence of companies. That is why we will continue to conduct further research to combat this cybercrime in the future.”

The focus of the new research project is on artificial intelligence technologies and how they are suited to detect DDoS attacks directly at the core of the internet, at the internet exchange, and to develop new, effective protective measures.

The project runs until June 2022.

Story image
Google expands Titan security keys across parts of EU & Asia
Google’s Titan security key bundle was launched late last year. It includes USB-A/NFC/BLE keys that can act as a second form of authentication as part of a two-factor authentication process.More
Story image
Forescout updates security platform to support more high-risk devices
Forescout has updated its security platform to provide more protection against devices across an IT ecosystem, as well as internet of things (IoT) and operational technology (OT) systems.More
Story image
Micro Focus centralises policy controls for IT security admins
According to Micro Focus, the exponential growth of sensitive files represents the biggest challenge that information security professionals face. More
Link image
Fortinet: Attackers doubling down on CMS and web infrastructure attacks
Fortinet: Attackers doubling down on CMS and web infrastructure attacks Fortinet’s latest quarterly threat report highlights the summer antics in the threat landscape and which areas bad actors are targeting. More
Story image
Telco Security Alliance strives to develop threat detection
“This initiative already proved valuable to AT&T’s visibility into current threats, and as we continue to work together, our focus is on utilising this relationship to deliver better threat intelligence to our customers.”More
Story image
Dell Technologies sells RSA for US$2 billion
Clarke reveals that RSA and Dell Technologies developed different strategies to meet different business needs with different go-to-market models. More