July 2nd, 2024

The Rise of Packet Rate Attacks: When Core Routers Turn Evil

Packet rate attacks, a new trend in DDoS attacks, overload networking devices near the target. OVHcloud faced attacks exceeding 100 Mpps, some from MikroTik Routers, prompting enhanced protection measures.

The article discusses the rise of packet rate attacks, a new trend in DDoS attacks observed since the beginning of 2023. These attacks aim to overload the packet processing engines of networking devices close to the target, which impacts the surrounding infrastructure. The article explains why high packet rates are harder to deal with than larger packets: they carry a higher computing cost. OVHcloud saw a significant increase in DDoS attacks exceeding 100 Mpps over the past 18 months, with record-breaking attacks reaching 840 Mpps in April 2024. The analysis revealed that many attacks originated from specific IPs, mainly MikroTik routers, indicating potential security vulnerabilities and poor management practices. The article emphasizes the need for enhanced protection against high packet rate attacks and the importance of understanding attack origins in order to safeguard infrastructure and customers effectively. OVHcloud is considering adjustments to its anti-DDoS infrastructure to better handle future attacks.
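To make the packet-rate versus bandwidth distinction concrete, the following added example (not code from the article or from OVHcloud) labels traffic intervals by which device limit they exceed. The 50 Mpps and 100 Gbps budgets, the addresses and the counters are constructed assumptions.

```python
from dataclasses import dataclass

ETH_OVERHEAD = 20  # bytes added per frame on the wire: preamble (8) + inter-frame gap (12)


def line_rate_pps(link_bps, frame_bytes):
    """Maximum frames per second an Ethernet link can carry at one frame size."""
    return link_bps / ((frame_bytes + ETH_OVERHEAD) * 8)


@dataclass
class Sample:
    dst: str      # destination address (documentation range, constructed)
    seconds: int  # length of the counting interval
    packets: int  # packets seen toward dst in the interval
    octets: int   # bytes seen toward dst in the interval


def classify(s, pps_budget, bps_budget):
    """Label one interval by which device limit it exceeds."""
    pps = s.packets / s.seconds
    bps = s.octets * 8 / s.seconds
    over_pps, over_bps = pps > pps_budget, bps > bps_budget
    if over_pps and over_bps:
        kind = "both"
    elif over_pps:
        kind = "packet-rate"
    elif over_bps:
        kind = "bandwidth"
    else:
        kind = "normal"
    avg = s.octets / s.packets if s.packets else 0.0
    return {"dst": s.dst, "kind": kind, "mpps": pps / 1e6,
            "gbps": bps / 1e9, "avg_size": avg}


# Hypothetical edge device: 100 Gbps port, 50 Mpps packet-processing budget.
PPS_BUDGET, BPS_BUDGET = 50e6, 100e9

# Constructed 10-second counters, not measurements from the article.
SAMPLES = [
    Sample("192.0.2.10", 10, 600_000_000, 38_400_000_000),   # 64-byte packets
    Sample("192.0.2.20", 10, 90_000_000, 135_000_000_000),   # 1500-byte packets
    Sample("192.0.2.30", 10, 10_000_000, 8_000_000_000),     # ordinary mix
]

if __name__ == "__main__":
    print(f"10G line rate: {line_rate_pps(10e9, 64) / 1e6:.2f} Mpps at 64 B, "
          f"{line_rate_pps(10e9, 1518) / 1e6:.2f} Mpps at 1518 B")
    for s in SAMPLES:
        print(classify(s, PPS_BUDGET, BPS_BUDGET))
```

The first sample uses under a third of the port's bandwidth yet exceeds the packet budget, which is why a defence sized only in Gbps can miss it.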

Related

South Korean ISP Infected 600,000 Torrenting Subscribers with Malware

South Korea's KT accused of distributing malware to 600,000 subscribers to block torrent traffic, sparking privacy concerns and legal scrutiny. Police investigate organized hacking attempt by KT. Concerns raised over network interference.

South Korean ISP 'Infected' Torrenting Subscribers with Malware

South Korea's KT accused of distributing malware to block torrent traffic, affecting Webhard services. Allegations suggest organized hacking for eavesdropping and cost management. Legal scrutiny ensues, revealing network management challenges.

MOVEit Transfer: Auth bypass and a look at exposure

Progress Software disclosed two critical authentication bypass CVEs affecting MOVEit Transfer and Gateway products on June 25, 2024. CVE-2024-5806 was upgraded from High to Critical. Censys reported 2,700 instances concentrated in the US, emphasizing ongoing vigilance.

The Growing Threat of Malware Concealed Behind Cloud Services

Cybersecurity threats evolve with malware operators using cloud services like UNSTABLE and Condi botnets. FortiGuard Labs advises enhancing cloud security defenses to combat growing cybercriminal activities effectively.

How Ukraine built a volunteer hacker army from scratch

Ukraine formed a volunteer hacker army, the IT Army, to counter the Russian invasion in 2022. With 300,000 members, they conducted 2,000 cyber attacks, targeting Russian infrastructure and evolving tactics to combat improved defenses.

3 comments
By @Animats - 4 months
Is there a worldwide equivalent to North America's NANOG, where the operations people can reach each other?[1]

[1] https://nanog.org/

By @3x35r22m4u - 4 months
> Indeed, a great part of these IPs are known as MikroTik Routers

I wonder why they decided not to include the exact percentage of the attack coming from MikroTik devices or a list of the top 10 vendors and their share.

Like, did MikroTik generate 50% of the high packet rate DDoS? Or was it like 10% coming from MikroTik, 10% from major vendors and 80% of others/unknown?

By @paulnpace - 4 months
Dumb guy question:

Did they search for MikroTik because it is easy to search for and has some history of vulnerabilities?