Record-Breaking DDoS Was Delivered By 145k Hacked Cameras
Peter Donnell / 4 years ago
DDoS attacks are nothing new, they’re going on all the time around the web, taking down websites, companies, stores, you name it. However, the attack that recently took down KrebsOnSecurity website knocked the site out for 24 hours with what is now believed to be a record-breaking 620 gigabit-per-second DDoS attack. That was the biggest attack in terms of data ever seen, but why stop there, there’s already another attack being reported in progress this week which peaked at an absolutely insane 1.1 terabits per second, beating the earlier attack by around 60%.
These are just a sample of recent attacks of terrifying force, but it’s also interesting in another way, as it seems these attacks were delivered via a collection of internet-connected cameras and video recorders. On their own, these devices can only spam around 1 to 30 Mbps to any given IP, but Octava Klaba, founder and CTO of OVH believes the botnet has a maximum capacity of 1.5 Tbps, making it a serious force to be reckoned with. Klaba has also reported that almost 7000 new cameras joined the botnet within a 48-hour period, delivering dozens of attacks around 100 to 800 Gbps each, then another 15,000 new devices were added to the network and attacks grew in size and number.
“Now that we’ve seen a 600 gig botnet, we have to plan that within one to two years, those are going to become common,” Martin McKeay, a member of Akamai’s security intelligence team, told Ars technica. “They may not be every attack, but we will see a dozen of them a quarter, we’ll see a couple hundred of them a year. Now that people know those are a possibility, they’re going to start pushing in that direction. They’re going to make it happen.”
Given previous big attack was back in June, which peaked at 363 Gbps, this is a huge leap and one that will no doubt prove demanding to protect against.