In a worrying new cyber threat trend, the record for the largest DDoS (Distributed Denial of Service) attack has been broken, not once, but twice, over the past week. A DDoS attack, in essence, is an attempt to make an online service (such as your business’s website) unavailable by overwhelming it with traffic from various sources. Last week, the coding repository GitHub was briefly taken offline in a 1.3 terabits-per-second DDoS attack. This wasn’t entirely surprising, as DDoS attacks have been steadily building throughout 2018, but March has definitely been the worst month so far. Now, an unnamed US service provider has reported experiencing an even larger DDoS attack, which hit 1.7 terabits-per-second, only a few days after the previous record had been broken. This could pose a significant threat for many businesses that operate memcached database servers, which typically have high-bandwidth access and can be badly impacted by DDoS attacks.
At 1.7 terabits-per-second, the unnamed US service provider experienced the largest DDoS attack to date. These attacks are expected to increase in size and frequency going forward.
So what does this mean for the average business? Well, before May 2017, many business owners may not have heard of ransomware or known exactly what it was – but after the WannaCry attack that took down businesses all over Europe, it’s safe to say that most business owners are acutely aware of what ransomware is and the threat it could pose to their livelihood and reputation. Like ransomware, DDoS attacks are hard to prevent fully, but for those who do their homework and follow best cyber security practice, the risk can be significantly reduced. Unlike ransomware, DDoS hasn’t made as many large headlines, and so protective measures against such attacks may not be high up the priority list for IT departments, especially in smaller or medium enterprises that may not see themselves as a target for organised cyber crime.
However, it’s not just the size of the DDoS attacks that has increased in recent months, but also the frequency. Cyber security firm Arbor Networks, who initially reported that the 1.7 Tbps attack had taken place, have advised that they have seen a considerable increase in DDoS attacks, leading them to believe that these abilities may have been weaponised and made available as a service for a wider pool of cyber criminals and hackers.
More specifically, the latest DDoS attacks take advantage of memcached servers that are not properly secured. “While the internet community is coming together to shut down access to the many open memcached servers out there, the sheer number of servers running memcached openly will make this a lasting vulnerability that attackers will exploit,” according to Carlos Morales, Arbor Networks’ VP of sales, engineering and operations. “It is critically important for companies to take the necessary steps to protect themselves.”
At the moment, DDoS attacks are mostly used to disrupt services, but some cyber criminals have started to extort business owners by threatening to attack their websites and online services if a ‘ransom’ is not paid.
The clock towards GDPR is also ever-ticking, and the regulation will come into full effect for any company possessing or processing EU citizen data in just 78 days’ time (at the time of writing). The GDPR requires companies to have appropriate “state-of-the-art” technological measures in place in order to protect their user data. The wording has been left purposely vague, with the expectation that businesses should closely follow cyber security best practice, which changes over time. WannaCry, NotPetya and other mass-ransomware attacks opened the business world’s eyes to a whole new kind of cyber threat last year, and cyber security best practice changed a lot to reflect that. We expect that if DDoS attacks keep increasing in sophistication and frequency as they have been, they could have a similar effect on what measures are considered the best practice in the industry.
Unfortunately, cyber security has no silver bullets. It’s constantly evolving and requires a thorough, robust and layered approach in order to keep a network as secure as it can be. If you’re a small or medium-sized enterprise concerned about how your security might fare against a cyber attack or the stringency of the GDPR’s technical requirements, contact us today and speak to us about our IT Essentials Bundle to aid with GDPR compliance.