IoT botnets responsible for more powerful DDoS attacks

Smart devices are increasingly used in denial-of-service (DDoS) attacks where cybercriminals flood targets with junk traffic in order to bring down their services. Moreover, attacks are becoming more devastating.

The power of the average DDoS attack has increased five times in the second quarter of 2018 compared to the similar period last year, Nexus Guard has found: from 4.1 Gbps to 26Gbps. The strongest assaultwas 359Gbps in size, 5.7 times larger than the average attack strength recorded in the same period last year.

Ever since the first Mirai attacks took place in 2016, IoT was a constant presence in reports tracking the evolution of DDoS attacks, due to how easily smart devices can be hijacked.

One of Mirai’s initial blasts from more than two years ago was larger than 600Gbps and lasted for days. The targeted site was defended by a top-tier service but had to be taken offline while the owner searched for better protection against DDoS attacks.

Today’s DDoS attacks have become more powerful as cybercriminals use giant botnets formed of vulnerable IoT devices, the report said. Its findings are based on the particularities of the attacks, which were adapted to exploit limitations present in smart gadgets. A detail supporting this theory is that the rise in IoT botnet activity overlaps with Satori, which exploits zero-day vulnerabilities for DDoS purposes.

Experts have warned for years that connected systems are insecure. Malware targeting IoT devices has become more complex and now includes exploits for known vulnerabilities and zero-day security bugs.

DoS attacks are the typical purpose of an IoT botnet — a network of hacked Internet-connected devices. Botnet operators rent their services to whoever wants to knock offline or disable an online service, charging for the duration and power of the attack.