Story image

Gamers beware: Hackers hired for as little as five dollars

23 Oct 14

The gaming industry is the top target for Distributed Denial of Service (DDoS) attacks, according to new research from Symantec.

Symantec says the rise of the attacks are becoming increasingly devastating to service providers and players. The gaming industry experiences nearly 46 percent of DDoS attacks, followed by the software and media sectors.

DDoS attacks are frequently marketed to gamers as a way to disrupt competing teams or players. Symantec says hackers can be hired for as little as five dollars to perform an attack on any target.

While DDoS attacks are not a new concept, they have proven to be effective. The security vendor says it is likely we will see an increase in DDoS attacks from mobile and IoT devices in the future.

“Such attacks are simple to conduct for the attackers, but they can be devastating for the targeted companies,” the report says.

Amplification attacks especially are very popular at the moment as they allow relatively small botnets to take out large targets. For such an attack, spoofed traffic is sent to a third-party service, which will reflect the answer to the spoofed target.

From January to August 2014, Symantec has seen a 183 percent increase in DNS amplification attacks, making it the most popular method seen by Symantec’s Global Intelligence Network.

The report says amplification DDoS attacks using NTP were prominent in the first quarter, but have since been steadily decreasing. “This may be due to various people upgrading and reconfiguring their servers. Attackers are also experimenting with other protocols like the Simple Network Management Protocol (SNMPv2) or, as seen in September, the Simple Service Discovery Protocol (SSDP)”.

Multiple methods are often used by attackers in order to make mitigation difficult and, to make matters worse, DDoS attack services can be hired for less than US$10 on underground forums.

Symantec says it expects to see many DDoS attacks during Guy Fawkes on 5 November, as the Anonymous collective has already announced various activities under the Operation Remember campaign.

However, hacktivists protesting for their ideological beliefs are not the only ones using DDoS attacks. Symantec says it has seen cases of extortion where targets have been financially blackmailed, as well as some targeted attacks using DDoS as a diversion to distract the local CERT team while the real attack was being carried out.

The key to financial institutions’ path to digital dominance
By 2020, about 1.7 megabytes a second of new information will be created for every human being on the planet.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.
Record revenues from servers selling like hot cakes
The relentless demand for data has resulted in another robust quarter for the global server market with impressive growth.
Opinion: Critical data centre operations is just like F1
Schneider's David Gentry believes critical data centre operations share many parallels to a formula 1 race car team.
MulteFire announces industrial IoT network specification
The specification aims to deliver robust wireless network capabilities for Industrial IoT and enterprises.
Google Cloud, Palo Alto Networks extend partnership
Google Cloud and Palo Alto Networks have extended their partnership to include more security features and customer support for all major public clouds.
DigiCert conquers Google's distrust of Symantec certs
“This could have been an extremely disruptive event to online commerce," comments DigiCert CEO John Merrill. 
Schneider Electric's bets for the 2019 data centre industry
From IT and telco merging to the renaissance of liquid cooling, here are the company's top predictions for the year ahead.