View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
February 3, 2017

Unsecure IoT makes DDoS attacks stronger, says Kaspersky

"Q4 2016 was rich in noteworthy DDoS attacks against a broad range of targets."

By Tom Ball

Researchers at Kaspersky have found that unsecure Internet of Things could have led to a sharp increase in the strength of cyber-attacks.

The cyber security firm noticed a 292 hour-long Distributed Denial of Service (DDoS) attack during the fourth quarter of 2016, a figure which is a major increase on the longest attack of the previous quarter which lasted 184 hours.

The Kaspersky report, ‘DDoS attacks in Q4 2016’, outlines four main trends. These included the increasing use of Internet of Things (IoT) botnets to carry out DDoS attacks, examples of the use of this method are the attacks on Russian banks in fourth quarter 2016, indicating the volume and potential of this type of attack.

WordPress pingback attacks also became extremely common by the fourth quarter of 2016, especially in light of their comparative infrequency in the first quarter. Kaspersky said that they were ‘extremely rare at the start of 2016’, but ended up occupying a ‘substantial amount of the DDoS attack market’.

Kaspersky also noticed that in the instance of a WordPress pingback attack, ‘encryption greatly complicates filtering and increases the malicious potential of this type of attack’.

DDoS attack figures

The research also shows an increasing interest in targeting countries resources, with the figure reaching 80 in the fourth quarter, contrasting 67 in the previous. This figure represents increasing formidability of cyber-attacks, and their ability to affect infrastructure. An example of this form of threat could be the mass power outages across the Ukraine in December 2016, which in January 2017 were found to be the result of a cyber-attack .

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

Speaking to SC Media, the senior vice president at Kaspersky Lab North America Michael Canavan said: “Overall, Q4 2016 was rich in noteworthy DDoS attacks against a broad range of targets, including Dyn’s Domain Name System, Deutsche Telekom and some of Russia’s largest banks”.

South Korea, China and the US remained leaders in terms of the number of targets, and the number of targets detected. The report said that 71.6% of targeted resources were located in China.

Canavan said in regard to prevention of this new threat that “companies can migrate public resources to another IP address, adjust a firewall to fight SYN flood attacks and relocate business critical applications to the cloud or a separate public subnet”.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.