Mumbai: According to a new global research from security experts at Symantec, India topped the global top 50 ranking of countries that have witnessed the highest volume of ‘originating DDoS traffic’, with 26 percent of all DDoS traffic originating from the country, followed by the USA with 17 percent.
“The sources for DoS attacks are often countries that have a high number of bot infected machines and a low adoption rate of filtering of spoofed packets. While this does not mean that the people behind the attack are located in India, as the attacks are often orchestrated remotely; it is a reflection of India emerging as a hotbed to launch these attacks, potentially because of the low cyber security awareness, lack of adequate security practices and infrastructure” said Tarun Kaura, Director, Technology Sales at Symantec India.
The research titled, “The Continued Rise of DDoS Attacks,” was conducted by Symantec’s Security Response team of engineers and analysts who evaluated the global data between the period of January to August 2014 based on the Symantec™ Global Intelligence Network, which is made up of more than 41.5 million attack sensors and records thousands of events per second in over 157 countries and territories.
DDoS attacks, whilst not a new attack vector, have proven to be effective and sometimes devastating for organizations. The attacks attempt to make an online service unavailable by overwhelming it with traffic from multiple sources. A Domain Name Server (DNS) amplification attack is a popular form of DDoS, which floods a publically available target system with DNS response traffic. Symantec’s research indicates that DNS amplification attacks have increased by 183 percent from January to August 2014.
Symantec’s research further highlighted the motivations behind the popularity of DDoS Attacks, indicating it has become the method of choice for hacktivists and cyber gangs. Other motivations have been linked to: financial blackmail with the threat of taking the business offline personal grudge; and as a diversion technique to distract IT security response teams while a targeted attack is conducted.
Best practices include: