France-based hosting provider OVH encountered a series of Distributed Denial of Service (DDoS) attacks last week. With a record-breaking combined bandwidth of over 1Tbps, this attack became the largest DDoS attack ever.
Octave Klaba, the founder and CTO of OVH, indicated on Twitter that the simultaneous DDoS generated a traffic close to 1 Tbps, and the used botnet composed by 145,607 hacked devices is able to send more than 1.5Tbps DDoS.
DDoS launched by same attackers also hit another Information security site recently
Another site falling into victim to a DDoS attack recently was KredbsOnSecurity, an information security blog. This site was hit as revenge for unveiling of a DDoS service provider, vDOS, which then led to the arrest of two 18-year-old
leaders of vDOS. This attack was believed to be powered by hacked cameras and reached almost 665 Gbps of traffic. KredbsOnSecurity eventually turned to Google’s Shield project to seek shelter.
According to Forbes, these two DDoS attacks were caused by the same group of hackers. The hacking network comprised hundreds of thousands of IoT devices, such as routers, monitors and Internet-connected IP cameras. Most of the traffic of the attack was originated in Asia, including China, South Korea, Taiwan and Vietnam.
IoT devices hacks will increase in the near future
The Internet of Things (IoT) devices are widely deployed in our everyday life nowadays. You may already possess a smartwatch or smartphone now, or even have an Internet-connected TV and refrigerator at home. As the trend of IoT is growing rapidly, it will create a huge amount of new entry points to be leveraged by attackers.
As there is still no stringent security regulations or standardized encryption mechanisms, IoT devices are vulnerable to hackers and may be easily infected and used as cyber weapons to launch giant attacks. This type of attack will become more and more common in the following years. As security expert Roland Dobbins warned, “Action, therefore, needs to be taken, both at the internet service provider (ISP) level and across IoT device makers.’’