DDoS Attacks As Distractions
Think about what happens when you become the victim of a DDoS attack. Phones ring off the proverbial hook, customers complain about the breakdown in service, users panic, etc. – all while you’re trying to detect the source, stop the attack, and get your systems back up and running. Can you imagine a better distraction? Cyber criminals have already come to that realization, which is why they’re now using DDoS attacks to camouflage more sinister breaches. The next time your company experiences a DDoS attack, you may want to make sure it’s not just a smokescreen for the real crime.
How It Works
Unlike typical DDoS attacks, which often consume the network’s entire bandwidth, these distraction attacks leave just enough bandwidth open for hackers to accomplish their true purpose. Hackers count on everyone being so busy with the DDoS attack that they don’t notice the breach – or, if they do, they put it on the back burner until the DDoS attack is resolved. In the meantime, the hackers are busy extracting data, installing malware, or carrying out some other type of mischief. In addition, during traffic surges, some security protocols default to open in an attempt to keep things up and running. This creates the perfect opportunity for hackers to access just about anything they want.
In a variation of that scheme, some hackers use DDoS attacks to probe for system vulnerabilities. In this case, the DDoS acts as a Trojan horse, with the real threat going undetected. In 2013, attackers used this technique to steal $1 million in bitcoins from Danish payment processor BIPS.
Best practices
With the increase in “DDoS as distraction” attacks, your best bet is to avoid putting all of your IT resources into stopping the attack. Instead, assume that it might be a smokescreen for other illegal activity. Hold a team back and task them with monitoring the network for anything unusual. And, once you’ve successfully mitigated the DDoS attack, give your system a thorough checkup to make sure everything is in order.
No company is too big, too small, or too obscure to be the victim of a DDoS attack, whether it’s carried out as a nuisance or as camouflage for something else. Due to the many moving parts involved in data security, as well as the constantly evolving sophistication of hackers, many companies are deciding to outsource at least some parts of their data security to experts. And even the experts tend to specialize, with some focusing only on things like DDoS detection and mitigation. Whether you outsource your security or take care of things in-house, it’s critical to have detailed plans in place for both prevention and response. How confident are you in your network’s security?
No company is too big, too small, or too obscure to be the victim of a DDoS attack, whether it’s carried out as a nuisance or as camouflage for something else. Due to the many moving parts involved in data security, as well as the constantly evolving sophistication of hackers, many companies are deciding to outsource at least some parts of their data security to experts. And even the experts tend to specialize, with some focusing only on things like DDoS detection and mitigation. Whether you outsource your security or take care of things in-house, it’s critical to have detailed plans in place for both prevention and response. How confident are you in your network’s security?
