OVH è una società di hosting che a quanto pare è stata una vittima del più grande attacco DDoS mai registrato. L'attacco si dice che abbia superato i DDoS su KrebsOnSecurity. Un tweet dal CTO della società, Octave Klaba, reveals that “you can see the simultaneous DDoS are close to 1 Tbps."
IoT Devices and CCTV Cameras Leveraged in the DDOS
According to OVH’s CTO and founder, the DDoS had used IoT devices such as CCTV cameras and personal video recorders.
This botnet with 145607 cameras/dvr (1-30Mbps per IP) is able to send >1.5Tbps DDoS. Tipo: tcp/ack, tcp/ack+psh, tcp/syn.
According to many technical experts, the leveraging of IoT devices is only going to make the growth of DDoS more accelerated. One pretty huge reason for that is the increase in devices found in people’s homes, devices which are running cut-down versions of operating systems and are thus very easy to “break” security-wise.
That’s why experts’ general opinion is that companies need to protect against all types of DDoS.
This is not the first intense CCTV botnet DDoS attack story we have covered.
In a previous attack analyzed by security firm Sucuri, a botnet comprised of more than 25,000 bot destinate aziende a livello globale. Più specificamente, it was a Layer 7 DDoS attack that engulfed web servers and crashes their websites. These attacks continued for days.
The research indicated that the botnet consisted of compromised international CCTV systems situated in various locations around the globe. Il primo scontro Sucuri avuto con la botnet è accaduto quando un negozio di gioielli è stato sottoposto a un attacco DDoS continua. Il sito web del business è stato spostato dietro WAF di Sucuri (Firewall Web Application).
The Use of IoT Devices for DDoS Expected to Grow
Craig Parkin, associate partner at Citihub Consulting, has told SC Magazine that “the use here of compromised CCTV cameras is just another way of forming the botnet that does the attacking. It now looks like IoT devices are forming a larger part of the botnet."
The employment of CCTV cameras has increased drastically in recent years in the consumer market. If in the past those cameras were maintained and installed by professionals, they are now on home networks and share a physical network. The worst part is that the cameras are most likely left unpatched and directly exposed to the Internet, Parkin explained. This problem will definitely get worse before it gets better.