DDoS attack timeline
They have also gotten bigger over the years. In the mid-1990s an attack may have consisted of 150 requests per second – and it would have been enough to bring down many systems. Today they can exceed 1,000 Gbps. This has largely been fueled by the sheer size of modern botnets.
In October 2016, internet infrastructure services provider Dyn DNS (Now Oracle DYN) was stuck by a wave of DNS queries from tens of millions IP addresses. That attack, executed through the Mirai botnet, infected reportedly over 100,000 IoT devices, including IP cameras and printers. At its peak, Mirai reached 400,000 bots. Services including Amazon, Netflix, Reddit, Spotify, Tumblr, and Twitter were disrupted.
In the beginning, attackers built their own botnets by scanning the Internet for vulnerable devices and then compromising them with malware that enabled attackers to remotely control the bots. Sadly, attackers don’t even need to build botnets anymore; they can rent DDoS-for-hire botnets from operators who charge very little money for short-term (but effective) attacks.
In early 2018 a new DDoS technique began to emerge. On February 28, the version control hosting service GitHub was hit with a massive denial of service attack, with 1.35 TB per second of traffic hitting the popular site. Although GitHub was only knocked offline intermittently and managed to beat the attack back entirely after less than 20 minutes, the sheer scale of the assault was worrying, as it outpaced the Dyn attack, which had peaked at 1.2 TB a second.
More Info: how does a ddos attack work
In October 2016, internet infrastructure services provider Dyn DNS (Now Oracle DYN) was stuck by a wave of DNS queries from tens of millions IP addresses. That attack, executed through the Mirai botnet, infected reportedly over 100,000 IoT devices, including IP cameras and printers. At its peak, Mirai reached 400,000 bots. Services including Amazon, Netflix, Reddit, Spotify, Tumblr, and Twitter were disrupted.
In the beginning, attackers built their own botnets by scanning the Internet for vulnerable devices and then compromising them with malware that enabled attackers to remotely control the bots. Sadly, attackers don’t even need to build botnets anymore; they can rent DDoS-for-hire botnets from operators who charge very little money for short-term (but effective) attacks.
In early 2018 a new DDoS technique began to emerge. On February 28, the version control hosting service GitHub was hit with a massive denial of service attack, with 1.35 TB per second of traffic hitting the popular site. Although GitHub was only knocked offline intermittently and managed to beat the attack back entirely after less than 20 minutes, the sheer scale of the assault was worrying, as it outpaced the Dyn attack, which had peaked at 1.2 TB a second.
More Info: how does a ddos attack work
Comments
Post a Comment