Now on Demand: Zero Trust Strategies Summit - Access All Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Mobile-based DDoS Attacks Create Mitigation Challenges: Report

According to a new report from Prolexic Technologies, a provider of Distributed Denial of Service (DDoS) protection services that was recently acquired by Akamai Technologies, mobile applications are being increasingly used in DDoS attacks and are creating mitigation challenges.

According to a new report from Prolexic Technologies, a provider of Distributed Denial of Service (DDoS) protection services that was recently acquired by Akamai Technologies, mobile applications are being increasingly used in DDoS attacks and are creating mitigation challenges.

Prolexic said that data gathered from attacks against its customers during Q4 shows that mobile devices participated in a DDoS attack campaign against a global financial services firm.

This should not be surprising, and mobile devices are not an entirely new DDoS attack vector. However, mobile-based DDoS attacks are important to pay attention to based on some of the mitigation challenges they create.

Mobile DDoS AttacksBased on analysis of recent attacks by Prolexic’s team, and Android-based tool called AnDOSid was used, which performs an HTTP POST flood attack.

This is not the first time mobile devices have been used as a platform to launch DDoS attacks.

DDoS attacks have become a favorite weapon of hacktivists over past few years, and while most attacks are launched from an army of PCs, some tools have worked their way over to mobile devices. In February 2012, researchers at McAfee found an Android version of the infamous Low Orbit Ion Cannon (LOIC).

LOIC was originally developed by “good guys” to stress test websites, but has been a favorite tool of Anonymous and other hacktivists to take targets offline by sending a flood of TCP/UDP packets in an attempt to overwhelm a system.

Prolexic believes that developers of applications commonly used in DDoS attacks like LOIC will increasingly port them to mobile platforms in 2014.

“The prevalence of mobile devices and the widespread availability of downloadable apps that can be used for DDoS is a game changer,” said Stuart Scholly, president of Prolexic. “Malicious actors now carry a powerful attack tool in the palm of their hands, which requires minimal skill to use. Because it is so easy for mobile device users to opt-in to DDoS attack campaigns, we expect to see a considerable increase in the use of these attack tools in 2014.”

Advertisement. Scroll to continue reading.

“Traditionally, some type of infection or malware was required,” Scholly continued. “With mobile apps, malicious actors can choose to proactively participate in orchestrated DDoS attack campaigns. When you consider how many mobiles device users there are in the world, this presents a significant DDoS threat.”

DDoS attacks stemming from mobile devices create certain challenges when it comes to detecting and mitigating the attacks, and add another layer of complexity to the problem.

“Because mobile networks use super proxies, you cannot simply use a hardware appliance to block source IP addresses as it will also block legitimate traffic,” Scholly said. “Effective DDoS mitigation requires an additional level of fingerprinting and human expertise so specific blocking signatures can be developed on-the-fly and applied in real-time.”

Compared to Q4 2012, statistics from Prolexic’s Q4 DDoS Attack report include showing the following:

• 26.09 percent increase in total DDoS attacks

• 17.42 percent increase in application layer (Layer 7) attacks

• 28.97 percent increase in infrastructure layer (Layer 3 & 4) attacks

• 28.95 percent decrease in average attack duration: 22.88 vs. 32.21 hours

Compared to Q3 2013, the company saw a 48.04 percent increase in average peak attack bandwidth to 4.53 Gbps, and a 151.21 percent increase in peak packets-per-second rate to 10.60 Mpps.

“Looking back over 2013, a number of significant DDoS trends were observed,” said Scholly. “These include the emergence of Layer 7 toolkits, the rise in DDoS-for-hire services, the resurrection of amplified Distributed Reflection Denial of Service (DrDoS) attacks as a common and powerful attack vector, as well as the steady rise in the number of DDoS attacks originating from Asian countries.”

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is founder and director of several leading cybersecurity industry conferences around the world.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization's data security and resilience.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Former Darktrace CEO Poppy Gustafsson has joined the UK government as Minister for Investment.

Nupur Goyal has joined cloud identity security and management solutions provider Saviynt as VP of Product Marketing.

Threat intelligence firm Intel 471 has appointed Mark Huebeler as its COO and CFO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.