Public cloud services used to boost DDoS attacks

No Comments

DDoS attacks

Hackers are increasingly abusing public cloud services in order to launch DDoS attacks, according to new research.

The study from anti-DDoS company Link11 shows that a quarter of all DDoS attacks in Europe in the 12 months from July 2017 to June 2018 used public cloud server-based botnets, compared to 18.5 percent in the previous 12 months.

Microsoft Azure was the cloud service most exploited for DDoS attacks over this period, with 38.7 percent of such attacks using Azure servers on average. Amazon Web Services (AWS) was used in 32.7 percent of attacks, and Alibaba servers used in 17.9 percent. Google servers were abused much less often, used in only 10.7 percent of attacks.

Aatish Pattni, Regional Director UK and Ireland for Link11 says:

The people behind DDoS attacks are embracing the use of public cloud services for the same reasons as legitimate organizations: the services provide flexible, on-demand capacity and resources, and can be provisioned in just a few minutes.

For threat actors, the benefits are even more compelling because they will often use stolen credit card details and false identities to pay for the services. This makes the perpetrators almost impossible to trace, even though providers such as Amazon are taking strong action against misuse, and asking users to report any suspected abuse of their services.

According to Link11, public cloud server-based botnets are the ideal platform for launching DDoS attacks. Cloud instances generally offer bandwidths of between one and 10 Gbps, enabling attack volumes which can be as much as 1000 times higher than is possible with individual compromised devices such as home routers or IoT cameras.

Since organizations are often relying on public cloud, blocking these services is not an option. In order to protect themselves businesses need to analyze in detail the communication between public cloud services and their own network, and monitor for malicious or unwanted traffic. This can be done effectively using machine-learning techniques, enabling legitimate traffic to be profiled and fingerprinted.

You can find out more on the Link11 website.

Photo Credit: Fabio Berti/Shutterstock

No Comments

Comments are closed.

Got News? Contact Us

Recent Headlines

The key technologies fueling chatbot evolution

The importance of people, process and expertise for cyber resilience in the AI age

SteelSeries launches Arctis Nova 5 series gaming headsets and companion app

Manjaro 24.0 Wynsdey packs a punch for Microsoft Windows 11 users switching to Linux

Apps under attack as cybercriminals target changing use patterns

Get 'Python All-in-One For Dummies, 3rd Edition' (worth $27) for FREE

Consumers worry about being fooled by deepfakes

Most Commented Stories

Say goodbye to Microsoft Windows 11 and hello to Nitrux Linux 3.4.1

80 Comments

Linux fan develops a fricking amazing tool to remove all ads from Windows 11

27 Comments

The stunning Windows 13 -- yes, 13! -- is the Microsoft operating system we want

25 Comments

Switch to Linux Lite 7.0 from Windows 11

20 Comments

Microsoft releases preview version of Office 2024 for Windows and macOS -- download it now!

17 Comments

Windows 11 is losing market share to Windows 10

9 Comments

Cheeseheads rejoice: Joe Biden and Microsoft melt $3.3 Billion into Wisconsin's AI future!

8 Comments

Microsoft issues reminder about end of support for Office 2016 and Office 2019

7 Comments

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.