Who’s afraid of the big bad botnet?

Dave Larson, COO at Corero Network Security

The notion of a huge botnet targeting your business with a DDoS attack can send shivers down the backs of the most experienced security professionals. Botnets can harness vast size and power, as well as demonstrating a huge amount of sophistication.

DDoS attacks originating via botnets can be executed with precision and control, pulsed and sent in different ways and are virtually impossible to trace back to the original attacker. They are also growing exponentially in size as attackers take advantage of the range of connected devices incorporated in our Internet of Things. So what should security teams be watching out for, and what is the best defence?

Botnets have transformed the DDoS landscape. Once, attacks were the preserve of small, technical elites who had enough coding skills to launch a strike. Nowadays DDoS-for-hire botnets have significantly lowered the barriers to entry. A quick Google search and a PayPal account make botnets readily available for just a few dozen dollars, with no coding experience necessary. Furthermore, they are becoming increasingly popular – DDoS-for-hire botnets are now estimated to be behind as many as 40% of all network layer attacks, says Dave Larson, COO at Corero Network Security.

But while the majority of purchasers are likely to be low-level attackers, seeking to cause mischief and settle personal grievances, more powerful botnets-for-hire are also being utilised by state actors and organised criminals. Recently DDoS attacks have been getting bigger and bigger. Our Security Operations Centre recorded a dramatic (25%) increase in very large attacks of more than 10Gb per second among our customer base in the second half of last year. In terms of individual attacks, the strike on the BBC in January was one of the biggest ever reported; an enormous 600Gb per second.

While these attacks clearly cause significant damage, we believe that their primary purpose is often to demonstrate the attackers’ capabilities so that they can be sold as a service in the future. The gigantic attacks that make headlines aren’t cheap to rent and would probably cost upwards of $150,000 to engage. Accordingly these are only likely to be utilised by criminal or nation state attackers, who have access to a sophisticated infrastructure with money laundering capabilities.

There is really no limit to the potential size and scale of future botnet-driven DDoS attacks, particularly when they harness the full range of smart devices incorporated into our Internet of Things. By using amplification techniques on the millions of very high bandwidth density devices currently accessible, such as baby video monitors and security cameras, DDoS attacks are set to become even more colossal in scale.

Terabit-class attacks may be increasingly common and ‘breaking the Internet’ – or at least clogging it in certain regions – could soon become a reality. The bottom line is that attacks of this size can take virtually any company offline – a reality that anyone with an online presence must be prepared to defend against.

It isn’t just the giant attacks that organisations need to worry about. Before botnets are mobilised, hackers need to make sure that their techniques are going to work. This is usually done through the use of small, sub-saturating attacks which most IT teams wouldn’t even recognise as a DDoS attack. Due to their size – the majority are less than five minutes in duration and under 1Gbps – these shorter attacks typically evade detection by most legacy out-of-band DDoS mitigation tools, which are generally configured with detection thresholds that ignore this level of activity.

This allows hackers to perfect their methods under the radar, leaving security teams blindsided by subsequent attacks. If these techniques are then deployed at full scale with a botnet, the results can be devastating.
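The detection blind spot described above, as an added example that is not part of the original article: a fixed-threshold rule of the kind the article attributes to legacy tools is run next to a baseline-relative check over the same constructed traffic samples. The sample data, the function names and every threshold value are assumptions chosen for illustration.

```python
SAMPLE_SECONDS = 10  # constructed data: one inbound-traffic sample every 10 seconds

def build_constructed_series():
    """Inbound Mbps: about 200 Mbps of normal traffic with one 3-minute 700 Mbps burst."""
    series = [200 + (i * 7) % 21 - 10 for i in range(120)]  # deterministic jitter, 190..204
    for i in range(60, 78):      # 18 samples = 180 s, peak well under 1 Gbps
        series[i] = 700
    return series

def static_threshold_alerts(series, limit_mbps=1000, min_seconds=300):
    """Fixed rule (assumed values): alert only if traffic stays above the limit long enough."""
    alerts, run_start = [], None
    for i, mbps in enumerate(series + [0]):   # trailing 0 closes a run that reaches the end
        if mbps > limit_mbps:
            run_start = i if run_start is None else run_start
        elif run_start is not None:
            if (i - run_start) * SAMPLE_SECONDS >= min_seconds:
                alerts.append((run_start, i - 1))
            run_start = None
    return alerts

def baseline_alerts(series, ratio=2.0, min_samples=3, alpha=0.1, warmup=12):
    """Flag runs above ratio x a moving-average baseline; the baseline is frozen during a run."""
    alerts, run_start = [], None
    baseline = sum(series[:warmup]) / warmup
    for i in range(warmup, len(series) + 1):
        mbps = series[i] if i < len(series) else 0   # trailing 0 closes an open run
        if mbps > ratio * baseline:
            run_start = i if run_start is None else run_start
            continue                                 # do not let the burst raise the baseline
        if run_start is not None:
            if i - run_start >= min_samples:
                alerts.append((run_start, i - 1))
            run_start = None
        if i < len(series):
            baseline = alpha * mbps + (1 - alpha) * baseline
    return alerts

if __name__ == "__main__":
    series = build_constructed_series()
    print("static threshold:", static_threshold_alerts(series))
    print("baseline-relative:", baseline_alerts(series))
```

The fixed rule reports nothing for the burst because it never crosses either the rate or the duration limit, while the baseline-relative check reports the sample range in which traffic more than doubled.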

But that’s no reason for organisations to resign themselves to eventually getting attacked, despite the proliferation of vulnerable smart devices that can potentially comprise a botnet of near-unimaginable size. So what are the most effective methods of defence?

Legacy out-of-band scrubbing solutions which require human intervention to remove the attack will not be successful because they are slow to respond and they don’t recognise the full range of attacks. The alternative is to use an automatic, always-on, in-line DDoS mitigation system, which can monitor all traffic in real-time, negate the flood of attack traffic at the Internet edge, eliminate service outages and allow security personnel to focus on uncovering any subsequent malicious activity.

This type of protection comes in various forms – either on-premises, or purchased as a security service from an upstream provider. It’s technology like this which offers the best hope to organisations today against the biggest of botnets.

The author of this blog is Dave Larson, COO at Corero Network Security
