You’ve read about DDoS attacks like SYN flood, ping of death and zero-day in our blog and on news sites. The one thing they have in common is they’re not all the same. They all have different characteristics, methods, and attack vectors. Broadly speaking, there are three main types of attacks that all DDoS attacks fall under: volumetric (Gbps), protocol (pps) and application layer (rps) attacks. All three intend to disrupt some or all of the victim’s services, but each does so in a different way. Since the acronyms are so similar, people often confuse the three. And to make it more complicated, while there are three distinct types of DDoS attacks, they can overlap during a single attack and are often combined for greater impact. We see these often on our network and have previously reported on them. In this post, we’ll look at how they work and what they mean.
The volumetric DDoS attack is what most people envision when they hear about a DDoS attack, because this kind of attack is the most common. It was actually the first attack that made the news in the late 1990s, which then spawned an army of copycats. Volumetric attacks are also known as floods, because they “flood” a victim’s resource with requests, like unwanted pings. Attacks are measured in bits per second (bps) or Gigabits per second (Gbps). The concept of a volumetric attack is simple: send as much traffic as possible to a site to overwhelm its bandwidth. Over the last decade, volumetric attacks were typically produced using amplification techniques. DNS amplification is the most common technique: the attacker sends small DNS requests, with the victim’s IP address spoofed as the source, to a DNS server. When the server receives the request, it responds to the victim with a large response. In comparison, it is much easier today to create big botnets using IoT devices. IoT devices have little or no security, are connected to the Internet and can execute code. As a result the amplification technique has become less popular, but is still used sometimes. The proliferation of cheap IoT devices like dolls, toasters, thermostats, security cameras and Wi-Fi routers makes it easy to launch an effective attack with just a few clicks. A hacker can easily leverage the extensibility of the internet to launch a volumetric DDoS attack at little or no cost.
The Mirai botnet is an example of the devastation caused by leveraging unsecured IoT devices.
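
How the DNS amplification pattern described above looks from the victim's side, as an added example that is not code from the original post: DNS answers arrive that the receiving host never asked for, and their volume is measured in bits per second. The flow records, the record layout and the 50,000 bps threshold are constructed assumptions for illustration.

```python
from collections import defaultdict

# Constructed flow records, one per packet (not real traffic):
# (second, src_ip, src_port, dst_ip, dst_port, size_bytes), all UDP.
FLOWS = [
    (0, "192.0.2.10", 40000, "198.51.100.53", 53, 70),    # our host's own query
    (0, "198.51.100.53", 53, "192.0.2.10", 40000, 180),   # its solicited answer
    (1, "203.0.113.5", 53, "192.0.2.10", 31337, 3000),    # answers nobody asked for
    (1, "203.0.113.6", 53, "192.0.2.10", 31337, 3000),
    (1, "203.0.113.7", 53, "192.0.2.10", 31337, 3000),
    (2, "203.0.113.5", 53, "192.0.2.10", 31337, 3000),
]

def unsolicited_dns(flows):
    """Per (victim, second): bits and resolvers of DNS answers with no query."""
    # Pass 1: remember when each (client, client port, resolver) first asked.
    first_query = {}
    for sec, src, sport, dst, dport, _ in flows:
        if dport == 53:
            key = (src, sport, dst)
            first_query[key] = min(sec, first_query.get(key, sec))
    # Pass 2: count answers (source port 53) that match no earlier query.
    bits = defaultdict(int)
    resolvers = defaultdict(set)
    for sec, src, sport, dst, dport, size in flows:
        if sport != 53:
            continue
        asked_at = first_query.get((dst, dport, src))
        if asked_at is not None and asked_at <= sec:
            continue  # answer to a query this host really sent
        bits[(dst, sec)] += size * 8
        resolvers[(dst, sec)].add(src)
    return bits, resolvers

def detect_reflection(flows, threshold_bps):
    """Return (victim, second, bps, resolver_count) at or above the threshold."""
    bits, resolvers = unsolicited_dns(flows)
    return sorted((ip, sec, b, len(resolvers[(ip, sec)]))
                  for (ip, sec), b in bits.items() if b >= threshold_bps)

if __name__ == "__main__":
    for ip, sec, bps, n in detect_reflection(FLOWS, 50_000):
        print(f"{ip} t={sec}s unsolicited DNS {bps} bps from {n} resolvers")
```
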