Mobile applications being used for DDoS attacks to increase
"The prevalence of mobile devices and the widespread availability of downloadable apps that can be used for DDoS is a game changer," said Stuart Scholly, president of Prolexic. "Malicious actors now carry a powerful attack tool in the palm of their hands, which requires minimal skill to use. Because it is so easy for mobile device users to opt-in to DDoS attack campaigns, we expect to see a considerable increase in the use of these attack tools in 2014."
Data gathered in Q4 from attacks against Prolexic's global client base shows that mobile devices participated in a DDoS attack campaign against a global financial services firm. Digital forensics and attack signature analysis conducted by the Prolexic Security Engineering and Response Team (PLXsert) detected the use of AnDOSid, an Android operating system tool that performs an HTTP POST flood attack.
"Mobile devices add another layer of complexity," explained Scholly. "Because mobile networks use super proxies, you cannot simply use a hardware appliance to block source IP addresses as it will also block legitimate traffic. Effective DDoS mitigation requires an additional level of fingerprinting and human expertise so specific blocking signatures can be developed on-the-fly and applied in real-time."
Prolexic believes that developers of applications commonly used in DDoS attacks like Low Orbit Ion Canon (LOIC) will increasingly port them to mobile platforms in 2014. "Traditionally, some type of infection or malware was required," said Scholly. "With mobile apps, malicious actors can choose to proactively participate in orchestrated DDoS attack campaigns. When you consider how many mobiles device users there are in the world, this presents a significant DDoS threat."
Prolexic's latest DDoS attack report shows the total number of attacks against its clients in Q4 2013 once again set a new record for one quarter, illustrating the heightened level of DDoS activity throughout 2013. Compared to the same quarter one year ago, total attack volume increased 26 percent. A week-by-week comparison to Q4 2012 shows increases in attack volume across eight of the 12 weeks of the quarter.
A complimentary copy of the report is available as a free PDF download from www.prolexic.com/attackreports (http://bit.ly/1m3CASu). Prolexic's Q1 2014 report will be released early in the second quarter of 2014.
- Mobile test management for anytime, anywhere testing
- Consumer electronics manufacturer iHome selects Marvell's IoT Platform
- User Interface based on motion control and predictive navigation
- Android Pay debuts with Apple Pay in sight
- Opel Astra aims to deliver high-end connectivity for the masses
- Google rolls Android M and IoT OS
- Huawei enables high quality campus wireless access
- Self-organizing network gets VoLTE capability
- Advances in test equipment capabilities to centre around LTE and M2M
- Wearable haptics — feeling augmented
- GaN LNA meets need for high RF power survivability
- Improving drive test reliability and accuracy remotely
- Development kit targets consumer-ready wearable and IoT devices
- High power low-pass filters handle up to 2500 W
- Ultra-low-jitter LVCMOS clock buffers
- Apple Watch tear down reveals European chips
- Making hackers obsolete
- Gesture sensor uses 60 GHz radar
- Compact terahertz sources with tunable wavelengths
- Business models of mobile devices damaging the environment
- New MEMS approaches are required for IoT
- Researchers call for reform of safety standards for millimeter-wave devices
- WiFi can be used to count people in a designated space
- IoT platform comes in a tiny single chip module
- Aerogel-based electromagnetic absorber a cheap alternative to graphene
- Startup gets to smartphone modularity before Google's Ara
- Report syas Google buys MEMS sensor startup
- Transparent, stretchable conductors target flexible, wearable electronics
- First optical and synthetic aperture radar commercial satellite constellation
- Printed designer organic electronics
- Critical Requirements in High Speed Signal Generation Applications
- GNSS timing and the rise of small cells
- Getting Security Right in Wireless Sensor Networks
- Doherty Power Amplifier using 2-stage asymmetrical IC designed for 1.8-2.2 GHz applications
- Software-Defined Radio Handbook
- Upgrading Analogue Radios with Digital Voice Encryption Easily and Cost Effectively