New DDOS Tools: Server-Based Botnets and Encrypted Layer Attacks

Application security solutions provider Radware has released its 2012 Global Application and Network Security Report. According to the study, distributed denial-of-service (DDOS) attacks are becoming more sophisticated and more severe.

In addition, cybercriminals have started deploying new attack tools, such as server-based botnets and encrypted layer attacks, to make their campaigns more effective.

While server-based botnets make the attacks more powerful, by weaponizing the encryption layer, cybercriminals can ensure that their operations escape detection and remain hidden.

The recent DDOS attacks launched by Izz ad-Din al-Qassam Cyber Fighters against US banks are a perfect example of how efficient these new tools are.

Besides the new attack tools, the report also highlights the fact that the number of DDOS and DOS attacks lasting more than one week doubled in 2012.

On the other hand, organizations are still not investing enough resources to ensure that they’re protected against such attacks.

While it’s becoming more and more difficult for organizations to protect their networks against cyberattacks, cybercriminals can turn to all sorts of relatively cheap services and kits that can help them achieve their goals.

“The Radware ERT sees hundreds of DoS/DDoS attacks each year, and we’ve found attacks lasting more than one week have doubled in frequency during 2012. Through empirical and statistical research coupled with front-line experience, our team identified trends that can help educate the security community,” noted Avi Chesla, chief technology officer at Radware.

“Through highlighting significant trends found in this report, our goal is to provide actionable intelligence to ensure organizations can better detect and mitigate these threats that plague their network infrastructure.”

The complete report is available here. A Slideshare presentation can be found here.