IoT-powered attacks gain ground while financial sites plagued
Distributed Denial of Service (DDoS) attacks continue to grow exponentially at an alarming rate, terrorizing websites and severely endangering digital business operations worldwide, according to a report cited by IPC, a local cloud pioneer and the only DDoS mitigation service provider in the country with a local data scrubbing facility.
The worldwide study conducted by IPC’s DDoS Mitigation partner Nexusguard revealed that 2016 was a challenging year for data security as IoT (Internet of Things) devices became the favorite conduit for attacks used by cybercriminals, which brought an alarming number of new threats. In the 4th Quarter of the year alone, there was a 152% increase of attacks in December from the previous month.
Real-time data on attacks towards enterprises and service-provider networks worldwide were collected by Nexusguard throughout Q4 2016 via botnet scanning, Honeypots, ISPs, and traffic moving between attackers and their targets.
IoT devices being manipulated
The data collected showed that hackers used hundreds of thousands of Internet-connected devices that had previously been infected with a malicious code – known as a “botnet” – to force a DDoS attack. These devices are powerful enough to generate attacks such as speeding up password guessing to break into online accounts, mine bitcoins, click fraud, and many more which can lead to significant damage.
“Because IoT and smart devices are becoming prevalent at work and at home, the playing field for hackers is now definitely bigger,” said Niño Valmonte, the Director for Marketing and Digital Innovation of IPC. “A computer is just one of the many entry points into a network. Webcams, CCTV, smart TVs, and even printers — anything that has a connection to the Internet is vulnerable.”
Nexusguard also reports that botnet attacks were being steadily upgraded to the point that not only did it enable 200GB-sized attacks, attack frequency also increased by more than 152 percent. One such attack lasted for 19 hours and 30 minutes.
The rise in the number and size of attacks last year is said to have been boosted by the massive Mirai botnet attack. Since the release of its source code in August, the number of IoT botnets grew from 213,000 to 493,000 in October.
Financial sector in peril
Combined attacks consisting of DDoS and hacking activities were predominantly aimed at financial institutions. Nexusguard reveals in their study that Web Application Firewall (WAF) alerts in the financial sector jumped by 184% from November to December of 2016.
“This significant jump in attack frequency in December 2016 can be attributed to the holiday season,” said Reggie Yam, Chief Innovation Strategy Officer of Nexusguard. “Because online transactions dramatically increase during Christmas, it is expected that hackers will likewise be more active during the season. We recommend financial institutions to employ a Web Application Firewall security measure to face these attacks not only during the holidays, but year-round.”
A web application firewall (WAF) could be a cloud-based server plugin, or filter that designs a set of rules to an HTTP conversation, thereby limiting requests. By customizing the rules to the website application, many attacks can be identified and blocked.
“Websites are vital tools for financial institutions such as banks to supply information and fulfill their customer’s needs,” said Valmonte. “When a website is defaced or taken down by a DDoS attack, there is a risk of compromising company or client data. The company’s reputation is likewise at stake. While there is no surefire way to prevent these attacks, one can establish defenses by employing a sound cybersecurity strategy.”
IPC’s InCAST (In-Country Attack Scrubbing Tactics) protects websites from defacement and also provides cloud-based DDoS mitigation through DNS proxy services. InCAST is deployed to monitor and control network traffic addressing a host of web application security threats. It also doubles as a sophisticated web firewall by applying a set of rules that can monitor and block traffic to and from a website.
“The latest Nexusguard study is very useful in disseminating information on the dangers of DDoS attacks and website defacement” stated Valmonte. “With smart technology and IoT paving the way for cybercriminals, it is vital for every company, especially those in the financial and e-commerce sectors with a lot of monetary transactions online, to place data security as a high priority and key objective, and not just as an added security measure to get by. Those who underestimate the risks might not be fully ready for sophisticated attacks against their network and business.”
Additional information on IPC’s InCast services is available at https://www.ipc.ph/cyber-security-and-availability.