Cybercriminals are stepping up the number, strength and
sophistication ofdenial-of-service (DoS)attacks, says communications
firmCable & Wireless.
"We have seen an increase of about 80% since April this year,"
Graham Smith, government and security product manager at C&W
told ComputerWeekly.
Cybercriminals have also stepped up the strength of attacks as
more organisations roll out DoS protection systems as part of their
security strategy.
Attacks have increased in strength from about one
gigabit-per-second (Gbps) to around 3Gbps on average in the past
year, said Smith.
"This is beyond the scope of most on-premises enterprise DoS
protection systems. Only service providers are able to deal with
attacks of this size," he said.
At the extreme, some attacks have been as strong as 8Gbps, but
so far these have been limited to online gambling services, the
traditional target of DoS attacks, he said.
An increased number of attacks has also meant a widening in the
types of organisations targeted.
"Attackers are looking beyond online gambling services to
include government organisations, commercial enterprises, banks and
social networking sites like
Twitter and Facebook," said Smith.
Criminals have also switched from using the http internet
protocol for DoS attacks to encrypted protocols.
"This makes DoS attacks more difficult to detect and distinguish
from legitimate network traffic," said Smith.
DoS detection and protection systems have had to evolve rapidly
in response to changes in attack methods, he said.
Although the scale of attacks has increased, criminals are using
a greater number of bots or hijacked computer to send low volumes
of server requests to avoid detection.
"This increases attackers' chances of success because DoS
detection systems take longer to spot these widely distributed
attacks," said Smith.
DoS attacks are traditionally aimed at extorting money from
victims, but the motive for many of the recent attacks is not as
clear, he said.
"Although service providers can shut down these attacks, we can
only speculate about the motive because it is very difficult to
identify who is behind them," said Smith.