Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Thursday September 29 2016, @08:19AM   Printer-friendly
from the all-together-now dept.

I found the following story which explains the nature of the DDoS threat facing us all. In the past, the main culprit of DDoS attacks were compromised computers which partially resulted in the multi-million dollar business of antivirus programs and similar software. Nowadays, the source is more likely to be a compromised CCTV camera, DVR, or some other device on the IoT.

Last week, the hosting provider OVH faced 1Tbps DDoS attack, likely the largest one ever seen.

The OVH founder and CTO Octave Klaba reported the 1Tbps DDoS attack on Twitter sharing an image that lists the multiple sources of the attack.

Klaba explained that the servers of its company were hit by multiple attacks exceeding 100 Gbps simultaneously concurring at 1 Tbps DDoS attack. One of the attacks documented by the OVH reached 93 MMps and 799 Gbps.

Now Klaba added further information on the powerful DDoS attacks, the CTO of the OVH claimed that the botnet used by attackers is powered by more than 150,000 Internet of Things (IoT) devices, including cameras and DVRs.

"This botnet with 145607 cameras/dvr (1-30Mbps per IP) is able to send >1.5Tbps DDoS. Type: tcp/ack, tcp/ack+psh, tcp/syn." — Octave Klaba / Oles (@olesovhcom) 23 settembre 2016

The bad news for the OVH company is that attacks are still ongoing and the size of the botnet is increasing.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 4, Interesting) by zocalo on Thursday September 29 2016, @10:34AM

    by zocalo (302) on Thursday September 29 2016, @10:34AM (#407819)
    A lot of these devices also upload data to the cloud for various reasons, not least of which is monetizing your data for the vendor. Needless to say, most of the vendors don't pick the big players like Amazon, Google and Microsoft for the cloud services provider, no, they pick the cheapest one. Good luck figuring out an outbound firewall for a random IoT device that requires a connection to some random cloud provider - that may or may not be over HTTP(s) - which doesn't include some sweeping wildcards. Unless the device provides, or the user can determine, a more precise set of requirements then realistically the only firewalling that is going to happen is on the level of whether network A can or cannot talk to network B and maybe, if you are really lucky, which protocols it's going to use for doing so - better than nothing, but not by much.
    --
    UNIX? They're not even circumcised! Savages!
    Starting Score:    1  point
    Moderation   +2  
       Insightful=1, Interesting=1, Total=2
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   4