SoylentNews is people

posted by martyb on Friday July 20 2018, @06:09PM
from the Windows-TCO dept.

Distributed Denial of Service (DDoS) attacks have been getting more polished in what, who, and how they target their victims. Threatpost has an article looking at some of the changes over recent years regarding new techniques, new targets, and a new class of attackers.

Several new themes are emerging in the 2018 distributed denial of service (DDoS) threat landscape, including a shift in tactics to reach new heights in volumetric campaigns, attacks that rely on a sheer wall of large amounts of packet traffic to overwhelm the capacity of a website and take it down.

However, while these traditional, opportunistic brute-force DDoS attacks remain a menace has emerged. These DDoS threats are more sophisticated and micro-targeted attacks. They take aim at, say, a specific application rather than a whole website. These types of DDoS attacks are a rapidly growing threat, as are “low and slow” stealthier offensives. At the same time, bot herders are working on expanding their largely IoT-based botnet creations, by any means possible, often to accommodate demand from the DDoS-as-a-service offerings that have created a flood of new participants in the DDoS scene. Those new entrants are all competing for attack resources, creating a demand that criminals are all too happy to fulfill.

[...] One of the most notable evolutions in the DDoS landscape is the growth in the peak size of volumetric attacks. Attackers continue to use reflection/amplification techniques to exploit vulnerabilities in DNS, NTP, SSDP, CLDAP, Chargen and other protocols to maximize the scale of their attacks. Notably however, in February the world saw a 1.3 Tbps DDoS attack against GitHub—setting a record for volume (it was twice the size of the previous largest attack on record) and demonstrating that new amplification techniques can give unprecedented power to cybercriminals. Just five days later, an even larger attack launched, reaching 1.7 Tbps. These showed that DDoS attackers are more than able to keep up with the growing size of bandwidth pipes being used by businesses.


  • (Score: 3, Insightful) by bob_super on Friday July 20 2018, @06:23PM (5 children)

    by bob_super (1357) on Friday July 20 2018, @06:23PM (#710050)

    > bot herders are working on expanding their largely IoT-based botnet creations

    Maybe some white hackers have to use those same IoT holes to brick every fucking IoT device that hasn't received a patch in the last two months (aka all of them).
    Once enough end-customers start screaming at the manufacturers and demanding refunds with prejudice, maybe those guys will stop peddling unsupported crap unscathed.
    The river is already on fire, and the EPA nowhere to be found. Time to hit the polluters at the wallet.

  • (Score: 0) by Anonymous Coward on Friday July 20 2018, @06:57PM (3 children)

    by Anonymous Coward on Friday July 20 2018, @06:57PM (#710063)
    Humanity hasn't yet developed a 100% safe embedded OS that can be used in IoT. The existing devices are not designed for safety, update mechanisms are primitive (if available at all), and the vendor has no interest in supporting last year's devices.
    • (Score: 0) by Anonymous Coward on Friday July 20 2018, @08:03PM (2 children)

      by Anonymous Coward on Friday July 20 2018, @08:03PM (#710097)

      L4 kernel is quite safe

      • (Score: 2) by Runaway1956 on Saturday July 21 2018, @01:54AM (1 child)

        by Runaway1956 (2926) Subscriber Badge on Saturday July 21 2018, @01:54AM (#710216) Journal

        And, you can explain why L4 is so safe?

        • (Score: 0) by Anonymous Coward on Sunday July 22 2018, @04:35PM

          by Anonymous Coward on Sunday July 22 2018, @04:35PM (#710801)

          They are probably talking about the seL4 microkernel. It has been proven to be functionally correct, uses capability-based resource management, is provably secure, and doesn't require the compiler to be trusted to maintain those guarantees. It is also actively developed, so it stays on top of hardware bugs that can undermine those goals.

  • (Score: 2) by Runaway1956 on Saturday July 21 2018, @01:15AM

    by Runaway1956 (2926) Subscriber Badge on Saturday July 21 2018, @01:15AM (#710200) Journal

    Well, brick at least 90% of them. Those that aren't connected to any network are alright. I have one "smart" device in the house. It's been blocked from connecting to the WIFI. It can talk to the wife all day long, for all I care, but it's blacklisted on WIFI. It sits there, and does its idiot thing, and no one pays it any mind. If, one day, it decides that it isn't going to work anymore because it can't "update", I'll just shoot it.