Modern cybersecurity is constantly evolving and sharing experience, it is for this reason that most of today’s specialists skillfully react to any of DDoS attacks against companies, but unfortunately, unpredictable situations occur where a new object appears, previously unknown, and hope remains with the specialists who are forced to look for a solution so that the company continues its work and this does not affect the end user, who has little interest in the reasons, but is interested in the stability of the company.
This month has brought a new subject for cybersecurity professionals to research. A new record was set for the power of DDoS attacks, which is 21.8 million requests per second. The previous record was 17.2 million requests per second, and it is also associated with a new object, which was named “Plague” in Latvian because “MicroTik” devices took part in the attacks.
“Meris”, the new botnet, is also possibly involved in the attacks on the New Zealand government this summer, as well as in the recent attacks on Russian banks a few days ago. However, there is a version, which now has no confirmation that “Meris” is associated with “Mirai”, who this year turns five years from the moment of creation.
According to experts from “Qrator Labs”, as well as “Yandex”, the company that has undergone the most powerful attack in recent years suggests that there may be more than two hundred thousand devices in the presence of hackers, and this figure will increase over time using possible brute force technology. It is also known that these attacks involve high-performance “IoT-devices” that can be connected via an Ethernet connection, respectively, being network devices.
They also have special characteristics:
The technology chosen to attack the new botnet was ”HTTP pipelining” is a feature of HTTP/1.1 which allows multiple HTTP requests to be sent over a single TCP (transmission control protocol) connection without waiting for the corresponding responses. More than two hundred and fifty thousand were used to direct malicious traffic to one target, most of the devices belonged to a Latvian company with different RouterOS versions.
Below is an infographic of the regularity of versions that were involved in DDoS attacks.
The current situation raises concerns among specialists who are constantly conducting research to find a single solution, as well as how to help people who do not have information about the presence of such a vulnerability in their devices. The Binare company has prepared a small list of recommendations that can help you and advises you to contact our specialists for additional information if you doubt the security of your Internet thing. We will be happy to help you!
List of recommendations: