Cybercriminals are using everything from home routers and WordPress plugins to legacy directory services to launch a DDoS attack, which may explain why recent research shows instances of these attacks more than doubling over the past year.

Akamai recently published a report, titled “Q2 2015 State of the Internet – Security Report,” which showed the number of distributed denial-of-service (DDoS) attack incidents exceeding 100 Mbps has risen over the past quarter, along with those aimed specifically at the application or infrastructure layers of corporate IT environments. Perhaps most disturbing is the relatively low-grade channels cybercriminals have exploited to launch DDoS requests. Specifically, the research indicated cybercriminals are taking advantage of flaws in WordPress plugins or home routers owned by consumers, which could be harder for CISOs and their teams to track.

Experts told CSO Online that attackers are also increasingly looking at Tor, the network designed with anonymity in mind. Launching a DDoS attack this way would most likely do damage at the application level, but blocking all such anonymous traffic may mean organizations alienate legitimate customers, as well.

At the other end of the spectrum are more sophisticated cybercriminals, some of whom recently took advantage of RPC Portmapper, a relatively old Linux directory service, to launch an advanced DDoS attack. Techworld explained the approach in detail: Portmapper was hit by Internet traffic that looked genuine but in fact led back to a malicious target. Though this technique was noticed after the fact, it’s a good reminder that legacy protocols may be more vulnerable to cybercriminals who know what they’re doing.

On the plus side, there seem to be equally strong efforts by government and law enforcement agencies to think of ways to better defend against a DDoS attack. SC Magazine reported that the U.S. Defense Advanced Research Projects Agency (DARPA) is working on a program called XD3, or Extreme DDoS Defense, which would not only recognize when servers were hit by malicious traffic, but also respond to the attacks within as little as 10 seconds.

Although this project may be initially piloted by military organizations, if it’s successful, large organizations may eventually get access to it, as well. Let’s hope so, because there is certainly no indication that these threats are going to fade away anytime soon.
