Hacktivists step up web attack volumes
Hacktivists and gamers are becoming big users of net attacks that knock sites offline by bombarding them with data, suggests a report.
Compiled by Arbor Networks, the report looks at 10 years of distributed denial of service (DDoS) attacks.
The ease with which they could be staged had made them a favourite for groups with a grudge, said Arbor.
Also, it said, insecure home routers were being enrolled into large groups of devices that mounted the attacks.
In the early days of DDoS, cybercrime gangs had used them to extort cash from websites run by betting and gambling firms that could not afford to be knocked offline, said Darren Anstee, a senior analyst at Arbor.
Now, he said, attacks were being mounted by different groups and had grown considerably in size.
In 2011, the biggest attacks had flung about 100 gigabits per second (Gbps) of data at targets, found the report. In 2014 that peak had hit 400Gbps and in the same year there had been four times as many attacks over 100Gbps than in the previous 12 months.
"There's been a massive jump in the number of very large attacks going on out there," said Mr Anstee.
"In 2014 we saw more volumetric attacks, with attackers trying to knock people offline by saturating their access to the internet."
Almost 40% of the organisations Arbor contacted for its report said they were being hit by more than 21 attacks per month, said the report.
Part of the reason for the shift to the large attacks could be explained by a change in the technologies being used to stage them, he said.
When cybercrime gangs had been behind the majority of attacks, the data barrages had been generated by the thousands of hijacked home computers they had had under their control, he said.
Botnets were still used to mount extortion attacks, he said, and were also used to divert the attention of a company's security team so they did not notice a separate attack on another part of a company's infrastructure.
Figures in the report suggested that companies were getting better at spotting the early stages of an attack and recovering once they were hit, he said.
However, said Mr Anstee, building a botnet was difficult for hacktivists and others, who had instead turned to other net-connected devices and technologies to generate the huge data flows.
Some attacks abused the net's timekeeping system or the domain servers that kept a list of which website was where, he said.
Other groups had found ways to enrol insecure home net gateways and routers into attacks, he added.
Hacktivists, hacker groups such as Lizard Squad and gamers who wanted revenge on other players were the bigger users of these tactics, said Mr Anstee.
It was now easy to find so-called "booter" services online that let gamers kick rivals off a particular gaming network or title by attacking that network, he said.
DDoS was also being used by people keen to use their technical skills express their feelings about a real-world conflict.
"If you look at DDoS attacks and try to tie them up with geopolitical events in the last few years, you will always see those events echoed in cyberspace," he said.