Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

DDoS-for-Hire Services Cheap But Effective

Distributed denial-of-service attackers are making it relatively cheap to disrupt targeted sites, according to a new report from Verisign. 

According to Verisign’s latest Distributed Denial of Service Trends report, attacks can cost between $5 (USD) per hour or as low as $2 (USD) an hour. In addition, massive and longstanding attacks can be launched for as little as $800 a month.

Distributed denial-of-service attackers are making it relatively cheap to disrupt targeted sites, according to a new report from Verisign. 

According to Verisign’s latest Distributed Denial of Service Trends report, attacks can cost between $5 (USD) per hour or as low as $2 (USD) an hour. In addition, massive and longstanding attacks can be launched for as little as $800 a month.

“Since their inception in 2010, DDoS-for-hire capabilities have advanced in success, services and popularity, but what’s most unnerving is booters have been remarkably skilled at working under the radar,” according to the report. “Given the ready availability of DDoS-as-a-service offerings and the increasing affordability of such services, organizations of all sizes and industries are at a greater risk than ever of falling victim to a DDoS attack that can cripple network availability and productivity.”

Some of the more brazen attackers advertize relatively openly. For example, the operators of the Gwapo DDoS service used YouTube and posted videos that featured actors reading a script explaining the DDoS service and asking potential buyers to contact the operators via email. In the case of that group, the cost of DDoS attacks ranged from $2 per hour for one to four hours to $1,000 for a month-long attack, the report notes.

“One of the more high-profile advertising efforts for a DDoS service in 2014 came from the DDoS group Lizard Squad,” according to the report. “Since August 2014, the group has claimed responsibility for attacks against multiple online gaming services, including those for Sony Corp.’s PlayStation Network (PSN) and Microsoft Inc.’s Xbox Live. PSN and Xbox Live were both taken offline for significant amounts of time by DDoS attacks on Dec. 25, 2014. Following the successful Christmas attacks, Lizard Squad began advertising the operation of its very own LizardStresser DDoS service, which costs from $5.99 to $119.99 USD per month to employ.”

In its Q4 2014 State of the Internet report, Akamai’s Prolexic Security Engineering and Research Team (PLXsert) blamed DDoS-for-hire services for the rise in reflection-based DDoS attacks. According to Akamai, nearly 40 percent of all DDoS attacks during the quarter used reflection techniques, which rely on Internet protocols that respond with more traffic than they receive and do not need an attacker to gain control over the server or the device.

“DoS attacks are a global threat and not limited to any specific industry vertical, but the information technology and cloud verticals are prime targets because these services are used by multiple customers across both the private and public sectors,” said Ramakant Pandrangi, the vice president of technology at Verisign. “That makes it appealing to cybercriminals.”

“During Q4 2014, Verisign’s IT/Cloud Services/SaaS customers experienced the largest volume of attacks, representing one third of all attacks and peaking in size at just over 60 Gbps for more than 24 hours,” he added. “We expect the trend in attacks against the IT Services/Cloud/SaaS industry to continue as these organizations migrate IP assets to cloud-based services and infrastructure, effectively expanding their attack surface across on-premise devices, and public and private clouds.”

Advertisement. Scroll to continue reading.

Verisign’s report found that during the fourth quarter of 2014, the most common attack vector the company observed continued to be UDP amplification attacks leveraging the Network Time Protocol (NTP).

“NTP is a UDP-based protocol used to synchronize clocks over a computer network,” Pandrangi said. “Any UDP-based service including DNS, SNMP, NTP, chargen, and RADIUS is a potential vector for DDoS attacks because the protocol is connectionless and source IP addresses can be spoofed by attackers who have control of compromised or ‘botted’ hosts residing on networks which have not implemented basic anti-spoofing measures. Many organizations do not use or trust external systems for their NTP, so in this case the solution can be as easy as restricting or rate-limiting NTP ports inbound and outbound to only authenticated, known hosts.”

The full report can be read here.

Written By

Marketing professional with a background in journalism and a focus on IT security.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization's data security and resilience.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Defense contractor Nightwing has appointed Tricia Fitzmaurice as Chief Growth Officer.

Xage Security has appointed Russell McGuire as CRO and Ashraf Daqqa as VP of the META region.

Solana co-founder Stephen Akridge has been appointed the CEO of data protection firm Cyber Grant.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.