Corero
Blog & News

DDoS Attackers for Hire

Unfortunately, it’s become exponentially easier to launch a massive distributed denial of service (DDoS) attack than it had been. There are two reasons for this evolution:

  1. In early October, the Mirai botnet source code for botnet-driven DDoS attacks was released on the dark web.
  2. Attackers have begun selling this botnet-for-hire as a service. The cost of renting such services depends on how large the buyer wants the attack to be.

The Price of DDoS Revenge

According to Forbes magazine and several other news sources, the DDoS attack on DNS provider Dyn in late October was launched by a disgruntled gamer, as an act of revenge against Sony’s PlayStation Network. Not only did the attacker take down Dyn but many of its marquis downstream customers, such as Airbnb, Twitter, Spotify, and Netflix were also unreachable. Reportedly, the disgruntled gamer rented the service for a mere $7,500.

The original Mirai botnet code was capable of powering 100,000 bots. Now, just six weeks later, according to BleepingComputer there’s a new DDoS-for-hire service that’s powered by 400,000 bots. It used to be that attackers had to gain remote control of servers to launch attacks, but now that there are so many devices connected to the Internet of Things (IoT), it’s easier to recruit an army of botnets.

The Best DDoS Defense

Individual enterprises alone cannot respond to this magnitude of DDoS threat. In light of the increasing frequency of such large DDoS attacks, internet service providers and hosting providers need to offer DDoS defense at the network edge.

There are reports that this new botnet is capable of bypassing traditional DDoS mitigation solutions. That’s not surprising. Traditional DDoS solutions require time (usually 20-30 minutes) to swing traffic out to a scrubbing service. However, our SmartWall One DDoS protection platform blocks even terabit-sized attacks, immediately and automatically. In the end, it does not matter who launches a DDoS attack or why. It matters only that the attack is stopped automatically and immediately.

To learn more about how we can help protect your business from advanced DDoS attacks, schedule some time to speak with one of our experts today.