The last month has seen DDOS attacks on various sources on a magnitude no one has ever seen before: in some cases more than a terabit per second of data. This was more than anyone thought possible, but it was all because whoever was responsible, rented some of the most extensive botnet networks, made up of many Internet of Things (IOT) devices.
Although it's been suspected that botnet rental was a growing industry in the bowels of the internet, this recent loaning and subsequent attacks have proved to be far more extensive than anyone expected or even thought was viable. Whoever was behind it was clearly well connected and well funded.
In each instance of the large-scale DDOS attacks in recent weeks, a network of IOT devices infected with the Mirai malware was largely responsible. The self-spreading malware has hooked its tentacles into many thousands of devices around the world and has proved very effective at helping to take down online services.
But in some cases another network known as Bashlight was used too, as well as other less well known botnets.
Source: Vitamin/Pixabay
“We believe that there might be one or more additional botnets involved in these attacks,” Dale Drew, CSO of Level 3 Communications, said in a chat with Ars. “This could mean that they are ‘renting' several different botnets to launch an attack against a specific victim, in which multiple other sites have been impacted.”
Since these large scale attacks ISPs across the world have taken steps to try and limit the extent to which IOT devices can be used in these sorts of attacks, but it will take increased security measures from device manufacturers before the exploits are really patched up.
It could be too that we'll see these sorts of larger scale attacks in the future. If there is a financial incentive to create bots and then loan them out for a fee, that could become quite a dangerous precedent to set. Can you think of a better audition than the recent, large-scale attacks?
Discuss on our Facebook page, HERE.
KitGuru Says: You'd have to imagine with all of the political mud slinging going on at the moment, that there are a few camps who have considered leveraging this tactic themselves.