The WHIR ran an article years ago entitled, “Report: Short DDoS Attacks Can Have Lasting Security Impact,” in which they delved into the security risks of short DDoS (distributed denial of service) attacks.
I’ve never read any discussion of security risks posed by short DDoS attacks, which makes this article so interesting. As the article lays out, short, low-volume attacks can act as Trojan Horses, allowing cybercriminals to disseminate harmful malware.
In this scenario, the goal of these attacks is to obstruct IPS (intrusion prevention systems) and firewalls, distracting the targeted business’s IT security personnel long enough for the attackers to install their malware and pilfer the business’s data.
According to Corero, over 70% of attacks typically lasted under ten minutes, and nearly the same percentage were under 1 Gbps. The conjectured reasoning is that these cybercriminals don’t want to show their hands via large-scale attacks that could cripple a website. Why not? Staying small gives them an avenue to test for vulnerabilities at little risk of being detected.
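The following is an added example, not code from the WHIR article or from Corero: a sketch of why a peak-only alarm misses the short, sub-1 Gbps bursts described above, and how a baseline-relative check surfaces them for review. The `SPIKE_FACTOR` value, the function names and the per-minute traffic series are assumptions constructed for illustration.

```python
from statistics import median

SHORT_MINUTES = 10       # from the article: most attacks lasted under ten minutes
LOW_VOLUME_GBPS = 1.0    # from the article: most attacks were under 1 Gbps
SPIKE_FACTOR = 3.0       # assumption: a burst is traffic above 3x the median rate

# Constructed sample: 60 one-minute inbound rate readings in Gbps.
# Minutes 20-25 carry a 6-minute 0.6 Gbps burst, minutes 40-54 a 2.5 Gbps flood.
SAMPLE = [0.1] * 20 + [0.6] * 6 + [0.1] * 14 + [2.5] * 15 + [0.1] * 5

def peak_alarm_minutes(samples, limit=LOW_VOLUME_GBPS):
    """Naive volumetric alarm: minutes where the rate reaches the fixed limit."""
    return [minute for minute, rate in enumerate(samples) if rate >= limit]

def find_bursts(samples, spike_factor=SPIKE_FACTOR):
    """Return (start_minute, duration_minutes, peak_gbps) for each run above baseline."""
    threshold = median(samples) * spike_factor
    runs, start = [], None
    for minute, rate in enumerate(samples):
        if rate > threshold and start is None:
            start = minute                      # burst begins
        elif rate <= threshold and start is not None:
            runs.append((start, minute))        # burst ended on the previous minute
            start = None
    if start is not None:                       # burst still open at end of data
        runs.append((start, len(samples)))
    return [(s, e - s, max(samples[s:e])) for s, e in runs]

def review_windows(samples):
    """Bursts that are both short and low-volume, i.e. invisible to the peak alarm.

    These are the windows in which to pull IPS, firewall and endpoint logs
    and look for activity that the traffic spike may have been covering.
    """
    return [b for b in find_bursts(samples)
            if b[1] < SHORT_MINUTES and b[2] < LOW_VOLUME_GBPS]

if __name__ == "__main__":
    print("peak alarm fired at minutes:", peak_alarm_minutes(SAMPLE))
    print("all bursts:", find_bursts(SAMPLE))
    print("review these windows:", review_windows(SAMPLE))
```

On the constructed series, the fixed 1 Gbps alarm fires only during the large flood, while the baseline-relative check also reports the six-minute 0.6 Gbps burst.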
Your thoughts …