Disrupting Availability: DDOS/DOS Attacks

Distributed denial-of-service (DDOS) attacks have a low barrier to entry, as DDOS-for-hire services allow quick and often anonymous purchases to attack a specified target. These attacks typically rely on a vast network of compromised computers, known as botnets, to flood a system simultaneously with traffic or requests to disrupt the availability of services. The Internet Archive is one of the most recent victims of a DDOS attack. While access to their usual services was disrupted, the Internet Archive confirmed that no data was stolen in the attack.
State governments recently fell victim to DDOS attacks. The Alabama government and the Pennsylvania court’s websites were temporarily knocked offline. Although government services were disrupted, no ransom was requested, no attackers claimed responsibility for the attacks, and no data was stolen.
In April, a DDOS attack disrupted STAAR testing. All Klein Forest High School campuses were affected district-wide, including 6,891 students taking their STAAR tests on April 16 and 17,298 students on April 17. These disruptions locked out 3,700 test-takers, who were forced to restart between the two days. The student who caused the attack allegedly utilized a DDOS-for-hire service.
Gaming servers are not entirely safe against DDOS attacks. Earlier this month, Final Fantasy servers were flooded with traffic over a few days, preventing users from accessing the online game. Users were receiving a 90002 error upon attempting to select a character. The error appears when connection interference or issues with the game’s servers occur. Some users even shared that they were kicked off the servers due to the overloaded system.
Denial of service (DOS) attacks are often seen on a much smaller scale and with less severe results. These attacks usually involve one computer but may use a small number of computers to overwhelm a target with traffic. Researchers recently discovered a type of self-perpetuating DOS loop that targets application-layer messaging. These loops can generate large traffic volumes and are difficult to stop once set in motion. In one variation of this type of disruption, an attacker could overload a vulnerable server by creating many loops and directing their combined traffic at a single target server. Eventually, the host's bandwidth or computational resources will be depleted. To date, a DOS loop has never been observed in an attack; however, researchers are concerned about the impact and potential fallout if the loop propagated across an estimated 300,000 compromised hosts.
Recommendations
Monitor network traffic, checking for any abnormal increases that could indicate the beginning of a DDOS attack. Regularly check for and remediate exploitable security flaws and vulnerabilities. Distribute servers and critical data in different data centers to ensure they are on separate networks with diverse paths. Keep all devices patched with the latest security updates. Review the DDOS Attack Types and Mitigation Strategies NJCCIC Product for more information on DDOS attacks.
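As an added example, not taken from the NJCCIC advisory or its referenced product, the following Python script implements the first recommendation above: it buckets web-server access-log requests into ten-second windows and flags any window whose request count far exceeds the median of the preceding windows, also reporting how many distinct sources contributed, which helps tell a botnet flood from a single misbehaving client. The log lines, the window size and the 5x threshold are constructed assumptions for illustration.

```python
# Added example (not part of the NJCCIC advisory): flag the "abnormal
# increase" in request volume that the monitoring recommendation describes.
# Log lines are constructed sample data in a common access-log layout;
# window size and threshold factor are illustrative assumptions.
import re
from collections import Counter, defaultdict
from datetime import datetime
from statistics import median

LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3})')
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"

def parse_line(line):
    """Return (epoch_seconds, source_ip) for a valid line, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    return datetime.strptime(m.group("ts"), TS_FMT).timestamp(), m.group("ip")

def detect_spikes(lines, window=10, factor=5.0, min_baseline=3):
    """Bucket requests per `window` seconds and flag a bucket whose total is
    more than `factor` times the median of all earlier buckets. At least
    `min_baseline` earlier buckets are required so startup noise is ignored."""
    buckets = defaultdict(Counter)            # window_start -> Counter(ip)
    for line in lines:
        parsed = parse_line(line)
        if parsed:
            ts, ip = parsed
            buckets[int(ts // window) * window][ip] += 1
    alerts, history = [], []
    for start in sorted(buckets):
        total = sum(buckets[start].values())
        if len(history) >= min_baseline and total > factor * median(history):
            alerts.append({"window_start": start, "requests": total,
                           "distinct_sources": len(buckets[start]),
                           "baseline": median(history)})
        history.append(total)
    return alerts

def constructed_log():
    """Constructed sample: six quiet 10-second windows of 4 requests each,
    then a flood window in which 50 distinct sources send 4 requests apiece."""
    fmt = '{ip} - - [{ts}] "GET /index.html HTTP/1.1" 200 512'
    lines = []
    for w in range(6):
        for i in range(4):
            lines.append(fmt.format(ip=f"203.0.113.{i + 1}",
                                    ts=f"16/Apr/2024:10:00:{w * 10 + i * 2:02d} +0000"))
    for i in range(200):
        lines.append(fmt.format(ip=f"198.51.100.{i % 50 + 1}",
                                ts="16/Apr/2024:10:01:05 +0000"))
    return lines

if __name__ == "__main__":
    for alert in detect_spikes(constructed_log()):
        print(alert)
```

In production the baseline would come from a longer history than the last few windows, and the alert would feed the on-call process rather than stdout.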