I found the following story which explains the nature of the DDoS threat facing us all. In the past, the main culprits of DDoS attacks were compromised computers, which partially resulted in the multi-million dollar business of antivirus programs and similar software. Nowadays, the source is more likely to be a compromised CCTV camera, DVR, or some other device on the IoT.
Last week, the hosting provider OVH faced a 1Tbps DDoS attack, likely the largest one ever seen.
The OVH founder and CTO Octave Klaba reported the 1Tbps DDoS attack on Twitter, sharing an image that lists the multiple sources of the attack.
Klaba explained that the servers of his company were hit by multiple attacks exceeding 100 Gbps simultaneously concurring at a 1 Tbps DDoS attack. One of the attacks documented by OVH reached 93 MMps and 799 Gbps.
Now Klaba added further information on the powerful DDoS attacks. The CTO of OVH claimed that the botnet used by attackers is powered by more than 150,000 Internet of Things (IoT) devices, including cameras and DVRs.
"This botnet with 145607 cameras/dvr (1-30Mbps per IP) is able to send >1.5Tbps DDoS. Type: tcp/ack, tcp/ack+psh, tcp/syn." — Octave Klaba / Oles (@olesovhcom) September 23, 2016
The bad news for the OVH company is that attacks are still ongoing and the size of the botnet is increasing.
(Score: 1, Interesting) by Anonymous Coward on Thursday September 29 2016, @02:26PM
> Does anyone have a plan for not being a part of one of these botnets?
In my spare time I've been working on a product that is sort of a "firewall as a service" - all of the devices that are not speed or latency critical get their traffic sent to a central "router in the cloud." At that point we do all kinds of traffic analysis to keep them from misbehaving. For example, no outbound traffic except with their own known servers, no inbound traffic on any suspicious ports, etc. It also has the side benefit of being a big traffic mix-master so anyone trying to cross-reference the traffic from multiple devices to profile the users in the home gets a ton of noise in the data because it's mixed in with thousands of other users.
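
An added example, not part of the comment above and not the commenter's product: a minimal sketch of the two rules it names (outbound only to a device's known servers, no inbound on suspicious ports), evaluated over flow records. The device names, documentation-range addresses, blocked port list and the quarantine threshold are all assumptions made for illustration.

```python
import ipaddress
from collections import Counter

# Constructed policy: per-device allowlist of vendor networks (documentation ranges).
ALLOWED_EGRESS = {
    "camera-1": [ipaddress.ip_network("203.0.113.0/28")],
    "dvr-1": [ipaddress.ip_network("198.51.100.10/32")],
}
# Assumption: ports treated as "suspicious" for inbound; the comment names none.
BLOCKED_INBOUND_PORTS = {23, 2323, 7547}

def decide(flow):
    """Return (verdict, reason) for one flow record."""
    device = flow["device"]
    if device not in ALLOWED_EGRESS:
        return "drop", "unknown device"
    if flow["dir"] == "out":
        dst = ipaddress.ip_address(flow["remote"])
        if any(dst in net for net in ALLOWED_EGRESS[device]):
            return "allow", "vendor server"
        return "drop", "egress to non-allowlisted host"
    if flow["port"] in BLOCKED_INBOUND_PORTS:
        return "drop", "inbound on blocked port"
    return "allow", "inbound on permitted port"

def quarantine_candidates(flows, threshold=3):
    """Devices with at least `threshold` dropped egress flows (assumed heuristic)."""
    drops = Counter(f["device"] for f in flows
                    if f["dir"] == "out" and decide(f)[0] == "drop")
    return sorted(d for d, n in drops.items() if n >= threshold)

# Constructed sample flows (not captured traffic).
SAMPLE_FLOWS = [
    {"device": "camera-1", "dir": "out", "remote": "203.0.113.5", "port": 443},
    {"device": "camera-1", "dir": "in", "remote": "192.0.2.77", "port": 23},
    {"device": "dvr-1", "dir": "out", "remote": "192.0.2.1", "port": 80},
    {"device": "dvr-1", "dir": "out", "remote": "192.0.2.2", "port": 80},
    {"device": "dvr-1", "dir": "out", "remote": "192.0.2.3", "port": 80},
    {"device": "dvr-1", "dir": "out", "remote": "198.51.100.10", "port": 443},
]

if __name__ == "__main__":
    for f in SAMPLE_FLOWS:
        print(f["device"], f["dir"], f["remote"], f["port"], *decide(f))
    print("quarantine:", quarantine_candidates(SAMPLE_FLOWS))
```

Repeated dropped egress from one device is the useful signal here: a camera that only ever needs its vendor's servers has no reason to contact arbitrary hosts.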