In response to today’s Reuters report that global news distribution service BusinessWire, owned by Warren Buffett’s Berkshire Hathaway Inc., has been hit with a sustained distributed denial of service (DDoS) cyberattack that continued as of February 6, 2018, experts with Corero and Juniper Networks commented below.
Stephanie Weagle, VP of Marketing at Corero Network Security:
“Cyber attackers can quickly and easily launch a DDoS attack to interrupt the service availability of any online property. In the media and communications industry, attacks against these sites can be used to silence or shut down an unfavorable individual or news story. While the motivations behind the sustained attack against BusinessWire news service remain unknown, the event has far-reaching impact with users experiencing significant service degradation.
“Unfortunately, relying on Cloud based DDoS mitigation services to knock down the attack traffic, while allowing good user traffic to reach its intended destination, is not always an economically sustainable method for long duration attacks. BusinessWire reports that the attack has been ongoing for almost a week.
“Corero DDoS Trend Analysis research published in late 2017 revealed that the number of DDoS attacks almost doubled in the second half of 2016, with many companies now experiencing an average of 8 attacks per day. These attacks are also largely multi-vector in nature, and are proving to be more advanced and difficult to defeat with traditional infrastructure security tools. This uptick in attack frequency is largely attributed to the rapid growth of vulnerable IoT devices. As the number of connected devices grows, so do the threats that come with it, making this another major concern in cyber security for any Internet dependent business. The availability of Internet connected devices with vulnerable operating systems are paving the way for massive amounts of DDoS botnet activity, which is further driven by the proliferation of DDoS- for-hire services.”
Mounir Hahad, Head of Threat Research at Juniper Networks:
“As predicted for 2018, IoT botnet build-up will continue as threat actors acquire knowledge in Linux-based malware, which is the operating system of most IoT devices out there. We have already seen the Satori group exploiting vulnerabilities in D-Link devices as well as another unnamed threat actor building a botnet using vulnerabilities in Huawei devices. Both of these are consumer devices that are deployed in large quantities and are not updated regularly to close security gaps. The typical usage of these botnets is for either cryptocurrency mining, DDoS attacks or both.
“In the case of a targeted DDoS attack such as the one on BusinessWire, it is always prudent to look for signs of another sneakier attack going on while the security teams are fighting off what is essentially a diversion.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.