Cybersecurity is getting better. That much is clear, but experts warn that there’s still work to be done. The thing is, there will always be more work to be done. That’s just how it works. As companies and programmers get better at designing and building more secure code, as well as complementary security software, attackers inevitably evolve too, adopting different and, in some cases, superior methods.
DDoS attacks have been a popular way for attackers to practice their antics. However, they have recently noticed what we’ve said before: that the rest of the world has learned to fend off their actions for the most part. Because of this, attackers have found new ways to continue messing around.
First, let’s get the basics out of the way.
So-called “web tsunamis”, distributed denial-of-service (DDoS) attacks, have been prominently covered by the media, specifically in sectors like tech and gaming, industries that are big targets for these attacks thanks to their heavy dependency on digital, online services.
In layman’s terms, these types of cyber-attacks consist of overwhelming the targeted service’s data centers with automated, ‘superfluous’ requests. The goal is to ultimately overload systems to prevent real requests from being successfully fulfilled. In other words, the targeted machine or network service becomes unavailable for its users until the problem is solved.
Because the requests flooding the system come from many different sources, stopping an attack by blocking a single source is not possible. As such, the usual defense mechanism involves several processes like attack detection and classification, which in theory distinguish illegitimate sources from legitimate ones in order to respond accordingly.
Recently, however, attackers have noticed that the world is getting better at fending off massive distributed denial-of-service attacks. As a result, they are now trying to change the way they do things.
Cloudflare, a company specializing in web optimization that also offers tools for DDoS deflection, has said as much. “In the last 6 months we have seen a large upward trend of Layer 7 based DDoS attacks,” writes Cloudflare security product manager Alex Cruz Farmer in an official blog post. “The key difference to these attacks is they are no longer focused on using huge payloads (volumetric attacks), but based on Requests per Second to exhaust server resources (CPU, Disk and Memory).”
These cyber-assaults try to overwhelm application processes instead, exhausting high-level server resources like memory allocations and per-process CPU time, rather than overloading the lower layers of the networking stack.
“On a regular basis we see attacks that are over 1 million requests per second,” Cruz continues, adding that this type of attack is trending up. According to him, the company registers “around 160 attacks a day, with some days spiking up to over 1000 attacks.”
At first glance, compared to massive overloads of traffic, a thousand attacks might not seem like much. But what matters about these attacks is not so much their quantity as the complexity of the junk requests made by perpetrators, which can cripple their target without a huge volume.
Cloudflare already had several powerful tools for fending off attacks, but Cruz explains that, after a year of experience, other features have to be implemented to keep the service successful.
While blocking networks that have been identified as malicious usually works, companies also run the risk of hurting users’ experience if an accidental block is put on a legitimate source. To avoid this, Cloudflare believes solutions that challenge users will be key for this kind of cyber defense (in a word: captchas).
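To make the detect-then-challenge idea concrete, here is an added example (not from the original article and not Cloudflare's code) that counts requests per second per source and answers a source over the threshold with a challenge instead of a block. The class name, window, threshold and sample traffic are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

def build_sample():
    """Constructed traffic as (timestamp_seconds, source_ip, path); not real logs."""
    events = []
    for t in range(0, 10, 2):   # ordinary visitor: one page load every 2 s
        events.append((float(t), "198.51.100.7", "/index.html"))
    for i in range(200):        # Layer 7 flood: small requests, 40 per second
        events.append((5.0 + i * 0.025, "203.0.113.9", "/search?q=x"))
    return sorted(events)

class RateClassifier:
    """Sliding-window requests-per-second check per source (hypothetical helper)."""

    def __init__(self, window=1.0, challenge_rps=20):
        self.window = window                # seconds of history kept per source
        self.challenge_rps = challenge_rps  # assumed threshold, tune per application
        self.hits = defaultdict(deque)
        self.challenged = set()             # sources that must pass a challenge

    def decide(self, ts, ip):
        q = self.hits[ip]
        q.append(ts)
        while q and q[0] <= ts - self.window:   # drop hits older than the window
            q.popleft()
        if len(q) / self.window > self.challenge_rps:
            self.challenged.add(ip)
        # A challenged source is not blocked: a real user can still get through.
        return "challenge" if ip in self.challenged else "allow"

    def solved(self, ip):
        """Call when the source passes the challenge (for example a captcha)."""
        self.challenged.discard(ip)
        self.hits[ip].clear()

def classify(events, **kwargs):
    """Replay events in time order and count the decisions made per source."""
    clf = RateClassifier(**kwargs)
    summary = defaultdict(lambda: {"allow": 0, "challenge": 0})
    for ts, ip, _path in events:
        summary[ip][clf.decide(ts, ip)] += 1
    return {ip: dict(counts) for ip, counts in summary.items()}

if __name__ == "__main__":
    for ip, counts in classify(build_sample()).items():
        print(ip, counts)
```

On the constructed traffic the ordinary visitor is never challenged, while the flooding source is challenged from its 21st request within one second onward.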
Things don’t end there, however, as the company offers a broad selection of tools, and other competitors in the sector are surely implementing similar solutions themselves. One thing is clear: cyber-security will need to keep evolving as long as digital services exist, because cyberattacks will always try to step up their game.