Technology

Cyber attackers debut new tricks

It looks like 2018 is a year in which cyber criminals look for new ways to slip through the security net.

15 May 2018

It’s already been a busy year for security researchers and adversaries alike. Software development platform GitHub was hit by the biggest distributed denial of service (DDoS) attack in history, one that employed a DDoS technique that needs no botnet.

Called a Memcached amplification attack, threat actors sent spoofed requests to vulnerable Memcached servers that also have UDP support enabled. The servers were tricked into responding to the requests with far larger packet sizes, sending the packets to the victim IP and overwhelming their systems. This attack originated from more than 1 000 different autonomous systems across tens of thousands of unique endpoints. US-based security solutions group Akamai Prolexic saved the day by rerouting traffic to GitHub through its ‘scrubbing’ centres, which removed and blocked data identified as malicious.

ITWeb Premium

Get 3 months of unlimited access
No credit card. No obligation.

Already a subscriber Log in