Denial of service becomes common method for hacker attacks

2012년 9월 21일 (금)

A rise in denial of service (DoS) threats have Americans on edge, as new reports claim that larger banks, like Chase and Bank of America, were victims of a cyberattack. To educate the public, Imperva recently released a report called Denial of Service Attacks: A Comprehensive Guide to Trends, Techniques and Technologies, meant to educate professionals on the growing trend, and to list web security protections every company should implement.

DoS is a common method hacker's use to interrupt computer systems because it is easy to distribute and does not require high technical skills, according to Infosecurity Magazine. The purpose of using denial of service is not to breach data, but rather make an organization's network unavailable to all of its users through botnets or compromised servers that contain a malware, CRN reported.

How it works
Previously, hacktivists would use DoS on a network level to shut down a server port, which was easier to accomplish but required the skills of multiple hackers. Today, cybercriminals are more knowledgeable and plan application-level attacks for commercial purposes because they require fewer people and target a specific vulnerability within a company's system that may not be easily patched, said Tal Beery, Imperva's security researcher.

The study also details different tools used for this threat, including Mobile Low Orbit Ion Cannon (LOIC), Slowhttp and Railgun.

Outsourcing DoS
According to the report, DoS-as-a-service has become a common illegal practice in which organizations overseas charge their clients to issue an attack.

"I think those services just go under the radar," said Beery. "And if they are careful enough, they will be using some kind of the secured anonymous payment system, and they are changing their emails and instant messaging identities and so forth. Plus, they can use bots and proxies to further conceal their identities."

Defenses
Companies can integrate a few network security solutions to inhibit a hacker's attempts for DoS distribution. According to Imperva, a business can block known threats by inputting its unique HTTP characteristics to use for early detection. IT departments should also take the time to gather information on potential sources and block automated processes.

Finally, company owners should install an anti-DoS rule engine to identify if a threat is being repeated on a computer system. Because DoS is used to make a network of computers unavailable, it repeats attacks that might look harmless if viewed at an individual basis, according to CRN.

DoS is quickly becoming the go-to assault method for cybercriminals, which is why it is so important for companies to educate their employees on the subject and take the necessary measures to keep data safe and customers happy.

-McAfee Cloud Security