In the run-up to the US election, we can expect to see more and more of the types of DDoS attack that took Newsweek offline last week. Newsweek believed that hackers targeted it after publishing an article about Donald Trump’s company surreptitiously conducting business in Cuba during the 1990s. As a result, the magazine’s site briefly crashed and was taken offline, with Russian hackers believed to be behind the attacks. Political activism is one of the key drivers for DDoS attacks, and so it’s highly likely that these kinds of attacks will be growing in sophistication, scale, size and frequency as we approach the final weeks of the US presidential election campaign.
Who is to Blame?
While Russia has been blamed for the Newsweek attacks, due to the main IP addresses involved in the attack being traced back to Russia, it’s worth remembering how easy it is for hackers to hide their true locations. IP addresses are no longer a reliable indicator of where an attack has been launched from, as reflection and amplification techniques allow bad actors to reflect attacks off a third party to conceal their origins. The truth is that DDoS attacks can be launched from almost anywhere, and attackers will go to extreme lengths to maintain their anonymity.
Why are Media Organizations Such a Target?
Media organizations will always be a potential target for politically-motivated DDoS attacks, due to their huge reach and influence. And during the US elections, they will likely play a key role in reporting the results as they happen in different states, and thus may have an influence in voting patterns across the country.
Just last year, the BBC was hit with a huge DDoS that knocked its website offline for several hours. Indeed, the recent spate of Internet of Things-based attacks, and the leaking of the Mirai botnet source code, have led some to speculate that we are likely to see attacks of a size never seen before during the election season.
How Can Organizations Like Newsweek Defend Themselves?
But just because media organizations are a regular target, there is no reason to put up with such attacks. Media organizations typically have a relatively limited bandwidth, making it comparatively easy for attackers to launch a volumetric DDoS attack that could knock their sites offline. However, these attacks can easily be defeated by service providers, at the network edge. Internet service providers are really the only organizations with enough capacity to deal with the evolving spectrum of attacks, particularly the massive botnet-driven attacks which have been surfacing lately. By deploying an automatic, in-line, anti-DDoS solution at the Internet edge, full visibility of all malicious traffic crossing a network can be achieved, and the problem can be handled at scale.
For more information, please contact us.