For as long as there has been cyber crime, there have been illegal exploit kits for sale.
Sure, these vary from the elementary to the advanced, but the malicious tools needed to commit cyber crime, theft, hacktivism or participate in run-of-the-mill online havoc are only a click away.
But the raw power, scale and sophistication for sale via those clicks is growing at unprecedented rates. The catalyst for this momentum is, yet again, unsecured Internet of Things (IoT) devices. This is known as the DDoS of Things (DoT).
Selling ‘Stressers’
Capitalising on the ease of building global botnets via new strands of publicly available malware (e.g., Mirai, Leet), threat actors, criminals and hackers are marketing DDoS-for-hire services to anyone with a few dollars in online currency.
While all manners of online weapons are available for sale, DDoS-for-hire services are typically labeled as ‘stressers’ or ‘booters.’ Regardless of nomenclature, they’re the same thing. Some criminal outfits like to use the ‘stresser’ term to thinly veil their service as a legitimate testing tool.
My colleague,A10 Networks’ Networks Director of Cyber Operations Dr. Chase Cunningham recently said: “Basically everything is for sale. You can buy a ‘stresser’, which is just a simple botnet type offering that will allow anyone who knows how to click the start button access to a functional DDoS botnet.”
From there, the user has access to massive global botnets capable of launching global DDoS attacks at organisations, online services, gaming platforms, etc.
Crime-as-a-Service
Most of these services use SaaS-based subscription models, wrote journalist Ryan Francis. His story notes that most services cost about £25-35 a month and include tools and 24-7 support. Prices go up based on attack duration, throughput, subscriptions length and tools included.
Cunningham predicts that cyber criminals will soon give everyday buyers options to specifically purchase IoT-based traffic to push their DDoS attacks to greater capacity thresholds.
He said: “I haven’t seen many yet that specifically include the option to ‘purchase’ an IoT-specific traffic emulator, but I’m sure it’s coming. If it were me running the service, I would definitely have that as an option”.
DDoS Protection Solutions
To prevent large-scale DDoS attacks, enterprises, service providers and security-conscious organisations can implement threat protection systems that detect and mitigate multi-vector DDoS attacks at the network edge, functioning as a first line of defence for your network infrastructure.
Some of the best protection systems enable DDoS mitigation against attacks up to 300 Gbps with a single appliance; scaling to 2.4 Tbps when deployed in a cluster.
By Duncan Hughes, Systems Engineering Director EMEA for A10 Networks