A DDoS Attack Hits Your Productivity and Profits
- Published byadmin
- December 8, 2017
How quickly could your business recover if it were suddenly hit by a Distributed Denial of Service, or DDoS, attack? Are you protected against the effects they could have on your operations? If asked these questions, most businesses should want to say yes, but in reality, over half lack the means to defend against DDoS.
It may be helpful to go over how a DDoS attack operates. Simply put, a DDoS attack overwhelms your network and its defenses by hitting it with a barrage of traffic. As a result of this attack, you can lose access to your data and be stuck with downtime. As any executive knows, this is how a DDoS attack really hurts a business. Downtime equals a loss of productivity, which in turn equals wasted time and lost profits.
In a report from CDNetworks, 88 percent of companies are under the impression that their defenses are sufficient to stop a DDoS attack. 69 percent of these companies have also been victims of a DDoS attack within the last year. This begs the question–how much are these attacks affecting these companies?
Other statistics provide a glimpse into the other costs that businesses face in response to these attacks. Companies in the United States invest an average of $ 34,700 into protection against DDoS attacks every year; while companies in Europe spend about $ 29,000 on average. These are not meager sums to sink into protections that don’t do their desired job. Some other questions a business owner or manager has to ask include: why do DDoS attacks defy the protections put in place to thwart them; and, what can businesses do to bridge this gap?
In order to secure your business against DDoS attack, you need to learn from the failures of the 88 percent (the companies that think they are ready to stop a DDoS attack), and even more so the 69 percent (the companies that have already been attacked over the past year). Nearly three-quarters of companies have already resolved to dedicate more funds toward preventing DDoS attacks over the next year. Do you plan to follow suit, and if so, how do you plan to protect your business against DDoS attacks?
If you’re looking for help protecting your business from DDoS attacks and other risk factors, reach out to Catalyst Technology Group. We can be reached at (317) 705-0333.
100 Countries Hit By Android DDoS Malware
- Published byadmin
- September 11, 2017
In what is one of the first attacks of its kind, a botnet dubbed WireX swept across 100 countries, controlling over 120,000 IP addresses at its peak. The factor that made WireX so unique was the fact that the botnet was made up of Android-powered devices that had one of 300 malicious apps downloaded from the Google Play Store.
How It Works
WireX was designed to use HTTP requests to bombard their targets, directing as many as 20,000 requests to a target every second to use up the target’s server resources. This number of requests may not have been effective, if it weren’t for where WireX would direct its attack on the victim site. Rather than just sending 20,000 requests every second to the website as a whole, WireX would target specific pages that used more of the site’s resources. Search pages were frequently targeted for this reason.
Why Is WireX So Nasty?
There are a few factors that contribute to why WireX managed to cause such a big fuss, so quickly.
First off, although WireX is an Android-powered mobile botnet, the traffic it sends to the targeted website appears to be regular mobile browser traffic. This is a problem, because most experts who focus on defending companies from DDoS attacks utilize filters that help them to sort the malicious traffic out from the legitimate traffic. This is more difficult with WireX, as it includes its own fully-functioning browser that hides its information from the targeted system.
In addition to this, WireX also leverages SSL as a part of its attacks, which usually protects an Android user’s browser session. In this case, however, it only makes WireX more difficult to detect.
Defeating the DDoS
It ultimately took a team of experts from Cloudflare, Akamai, Flashpoint, Dyn, Google, Team Cymru and EiskIQ to stop WireX. The seven companies needed to pool their resources and data on WireX in order to identify it as a mobile-based attack, and then to identify the 300 malicious Google Play Store apps that delivered it. While these apps have not been named to the public, they were often media players, ringtones, or storage managers. Google has since blocked these apps from the Play Store, and has also removed them from the devices that were infected.
So, What Can You Do?
Your most effective defense against threats like WireX and other applications that sneak in malware is to simply not download applications that you don’t trust, as well as to educate employees on why they shouldn’t either. For more information on the latest threats and how you can protect yourself, call Catalyst Technology Group at (317) 705-0333.