OVH is a hosting company that has apparently been a victim of the biggest DDoS attack ever registered. The attack is said to have surpassed the DDoS on KrebsOnSecurity. A tweet by the company’s CTO, Octave Klaba, reveals that “you can see the simultaneous DDoS are close to 1 Tbps.”
IoT Devices and CCTV Cameras Leveraged in the DDOS
According to OVH’s CTO and founder, the DDoS had used IoT devices such as CCTV cameras and personal video recorders.
This botnet with 145607 cameras/dvr (1-30Mbps per IP) is able to send >1.5Tbps DDoS. Type: tcp/ack, tcp/ack+psh, tcp/syn.
According to many technical experts, the leveraging of IoT devices is only going to make the growth of DDoS more accelerated. One pretty huge reason for that is the increase in devices found in people’s homes, devices which are running cut-down versions of operating systems and are thus very easy to “break” security-wise.
That’s why experts’ general opinion is that companies need to protect against all types of DDoS.
This is not the first intense CCTV botnet DDoS attack story we have covered.
In a previous attack analyzed by security firm Sucuri, a botnet comprised of more than 25,000 bots targeting businesses at a global level. More specifically, it was a Layer 7 DDoS attack that engulfed web servers and crashes their websites. These attacks continued for days.
The research indicated that the botnet consisted of compromised international CCTV systems situated in various locations around the globe. The first collision Sucuri had with the botnet happened when a jewelry shop was put through a continuous DDoS attack. The business’s website was moved behind Sucuri’s WAF (Web Application Firewall).
The Use of IoT Devices for DDoS Expected to Grow
Craig Parkin, associate partner at Citihub Consulting, has told SC Magazine that “the use here of compromised CCTV cameras is just another way of forming the botnet that does the attacking. It now looks like IoT devices are forming a larger part of the botnet.”
The employment of CCTV cameras has increased drastically in recent years in the consumer market. If in the past those cameras were maintained and installed by professionals, they are now on home networks and share a physical network. The worst part is that the cameras are most likely left unpatched and directly exposed to the Internet, Parkin explained. This problem will definitely get worse before it gets better.