IT disaster recovery, cloud computing and information security news

Daisy

DDoS-for-hire threat landscape continues to grow

Radware has highlighted the continued growth of the DDoS-for-hire industry, despite global efforts in the last two years from law enforcement agencies, independent researchers and corporations to curb growth through a series of takedowns and arrests.

The warning comes after threat landscape research undertaken by Daniel Smith, Information Security Researcher for Radware’s Emergency Response Team and a white-hat hacker. He provides the following comment about the research:

“Over the last two years of takedowns and arrests, the DDoS mitigation industry has seen six new attack vectors. So much for curbing the growth. Takedowns are not the long-term solution. Denial-of-service should be mitigated in different ways. To curb the growing booter and stresser / stressor industry means addressing the core problem: the devices and servers used to create largescale botnets and world record volumes. Address the growth of the IoT market and the lack of regulation and security standards for devices that get connected to the internet. In addition, address the issues surrounding open resolvers and reflectors on the Internet. While disclosures of new attack vectors are hard to keep pace with, we need to put steady pressure on those who are not patching in a reasonable amount of time and develop ways to cope with open resolvers such as DNS and NTP. If devices can be infected within seconds and open services and resolvers remain, the problem will continue. Removing that vast attack surface from the bot herders plus proper mitigation which increase the resistance against successful DDoS attacks is the only way to demotivate criminals. The ultimate solution is to make launching these assaults too difficult and too expensive. Doing so will put an end to smaller cybercriminals wannabee hackers.”

More details.



Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.