Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Wednesday, 27 September, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

IoT Devices Are Powering Affordable DDoS-for-Hire Services

by The Gurus
June 16, 2020
in This Week's Gurus
Share on FacebookShare on Twitter

For as long as there has been cyber crime, there have been illegal exploit kits for sale.
Sure, these vary from the elementary to the advanced, but the malicious tools needed to commit cyber crime, theft, hacktivism or participate in run-of-the-mill online havoc are only a click away.
But the raw power, scale and sophistication for sale via those clicks is growing at unprecedented rates. The catalyst for this momentum is, yet again, unsecured Internet of Things (IoT) devices. This is known as the DDoS of Things (DoT).
Selling ‘Stressers’
Capitalising on the ease of building global botnets via new strands of publicly available malware (e.g., Mirai, Leet), threat actors, criminals and hackers are marketing DDoS-for-hire services to anyone with a few dollars in online currency.
While all manners of online weapons are available for sale, DDoS-for-hire services are typically labeled as ‘stressers’ or ‘booters.’ Regardless of nomenclature, they’re the same thing. Some criminal outfits like to use the ‘stresser’ term to thinly veil their service as a legitimate testing tool.
My colleague,A10 Networks’ Networks Director of Cyber Operations Dr. Chase Cunningham recently said: “Basically everything is for sale. You can buy a ‘stresser’, which is just a simple botnet type offering that will allow anyone who knows how to click the start button access to a functional DDoS botnet.”
From there, the user has access to massive global botnets capable of launching global DDoS attacks at organisations, online services, gaming platforms, etc.
Crime-as-a-Service
Most of these services use SaaS-based subscription models, wrote journalist Ryan Francis. His story notes that most services cost about £25-35 a month and include tools and 24-7 support. Prices go up based on attack duration, throughput, subscriptions length and tools included.
Cunningham predicts that cyber criminals will soon give everyday buyers options to specifically purchase IoT-based traffic to push their DDoS attacks to greater capacity thresholds.
He said: “I haven’t seen many yet that specifically include the option to ‘purchase’ an IoT-specific traffic emulator, but I’m sure it’s coming. If it were me running the service, I would definitely have that as an option”.
DDoS Protection Solutions
To prevent large-scale DDoS attacks, enterprises, service providers and security-conscious organisations can implement threat protection systems that detect and mitigate multi-vector DDoS attacks at the network edge, functioning as a first line of defence for your network infrastructure.
Some of the best protection systems enable DDoS mitigation against attacks up to 300 Gbps with a single appliance; scaling to 2.4 Tbps when deployed in a cluster.
By Duncan Hughes, Systems Engineering Director EMEA for A10 Networks

FacebookTweetLinkedIn
Tags: CyberDDoSIoTsecurityTechnology
ShareTweet
Previous Post

Report 2017: Hybrid IT Organisations Experience Cost-Efficiencies and Scalability, but Still Struggle with IT Professional Skills Gap, Visibility, and Security Concerns

Next Post

Nation-State Hackers Go Open Source

Recent News

CREST and IASME announce partnership with the NCSC to deliver Cyber Incident Exercising scheme

September 26, 2023
partnership

Cyberelements Partners with ABC Distribution Partners to Revolutionise Privileged Access Management in Europe

September 26, 2023
Adarma Names James Todd as Chief Technology Officer, Reinforcing Dedication to Security Operations Excellence

Adarma Names James Todd as Chief Technology Officer, Reinforcing Dedication to Security Operations Excellence

September 25, 2023
Nurturing Our Cyber Talent

Nurturing Our Cyber Talent

September 25, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information