Report: Two-Day Long DDoS Attack Breaches U.S. Utility

March 13, 2013


While phase three of Operation Ababil is now in full swing, banks are not the only enterprises that remain on heightened cyber-threat alert.

A new case study issued by anti-DDoS vendor Prolexic recounts a recent Layer 4 distributed denial-of-service (DDoS) attack leveled against a U.S. electric utility.

Also referred to as a "SYN flood," this sort of breach uses the Transmission Control Protocol (TCP) stack to flood the servers with SYN packets, overwhelming the CPUs and crashing applications. The attack, which lasted for 48 hours and peaked at 3.3 Gbps and 5.7 Mpps (million packets per second), left more than 100,000 utility customers without the ability to pay their bills online or by phone, according to Prolexic.
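As an added illustration (not from the article or from Prolexic's case study), the following sketch shows how a defender can spot a SYN flood in packet records by tracking handshakes that receive a SYN but never the final ACK. The record layout, the function names, the thresholds and the documentation-range addresses are assumptions made for this example.

```python
from collections import defaultdict

def find_syn_floods(packets, timeout=3.0, max_half_open=50):
    """Return {(dst_ip, dst_port): first_alert_time} for services whose count
    of half-open handshakes (SYN seen, no final ACK) exceeds max_half_open."""
    pending = defaultdict(dict)   # service -> {(src_ip, src_port): syn_time}
    alerts = {}
    for ts, src, sport, dst, dport, flags in packets:
        service, client = (dst, dport), (src, sport)
        half_open = pending[service]
        if flags == "S":
            # Age out stale entries, as a server's SYN backlog timeout would.
            for c in [c for c, t in half_open.items() if ts - t > timeout]:
                del half_open[c]
            half_open[client] = ts
            if len(half_open) > max_half_open and service not in alerts:
                alerts[service] = ts
        elif flags == "A":
            half_open.pop(client, None)   # handshake completed normally
        # "SA" (SYN-ACK) travels server -> client and is ignored here.
    return alerts

def sample_traffic():
    """Constructed records: (time_s, src_ip, src_port, dst_ip, dst_port, flags)."""
    server, pkts = "203.0.113.10", []
    # 20 clients that complete the three-way handshake.
    for i in range(20):
        t, ip, port = i * 0.1, f"198.51.100.{i + 1}", 40000 + i
        pkts += [(t, ip, port, server, 443, "S"),
                 (t + 0.01, server, 443, ip, port, "SA"),
                 (t + 0.02, ip, port, server, 443, "A")]
    # 200 SYNs in one second that are never followed by an ACK.
    for i in range(200):
        pkts.append((2.0 + i * 0.005, f"192.0.2.{i % 250 + 1}", 1024 + i,
                     server, 443, "S"))
    return sorted(pkts)

if __name__ == "__main__":
    for (ip, port), when in find_syn_floods(sample_traffic()).items():
        print(f"possible SYN flood against {ip}:{port} first flagged at t={when:.2f}s")
```

In production the same ratio of SYNs to completed handshakes is usually read from flow exports or kernel counters rather than per-packet records, and the threshold is tuned to the service's normal connection rate.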

With banks on high alert, utilities and other critical infrastructure that rely on the Internet to conduct operations need to firm up their perimeters.

Corero Network Security President Marty Meyer told BankInfoSecurity that while the attack on this utility was smaller than the ones he's seen leveled against U.S. banks, this type of critical infrastructure breach is a worrisome development.

"This is why it's good for any industry to pay attention here to what the banks are facing," said Meyer. "This attack on this utility could be an early warning shot and could be a signal that attacks against other industries will evolve like they did against banks."

Roger Grimes, an author and principal security architect with Microsoft, took a less sanguine view. He told Security Bistro that regardless of what security measures are put into place, the problem won't be solved until the web is locked down.

"The only way to stop the constant hacking and have a significantly more secure Internet is to fix the Internet. Instead we keep concentrating on fixing endpoint devices and wondering why it doesn’t work," said Grimes.
