Recently we reported on a Distributed Denial of Service (D/DOS) attack on web company Spamhaus that clocked in at a staggering 300 gigabits per second.
A D/DOS occurs when so much illegitimate traffic bombs a website that regular users can't access its services.
The latest record-breaking attack made the 70 GB/s "ItsOkayNoProblemBro" attack on U.S. banks look tiny by comparison.
Except Kevin Kennedy of Juniper Networks recently diagrammed how a 25 kilobyte per second, "sophisticated" attack with good strategy could easily outmatch the Spamhaus hack, even at roughly 0.000008% the size:
The UK has roughly 2 million postal codes. E-commerce sites naturally need to make that postal code database searchable ... a sophisticated hacker figured out that a very simple query would force the database to return the complete list of 2 million postal codes.
By making that simple query a mere 50 times per second—25 kilobits per second in traffic—the attacker completely locked the entire application in under two minutes without tripping a single alarm or volume threshold.
Forget armies of bots, a single PC was enough. And precisely because it was so small, it was lost in the noise of legitimate user traffic.
A single hacker, with one computer, took down a site worth $10 million, simply by being selective about the query rather than just bombing the site itself.
Kennedy writes, "The size of 300 gigabits per second makes for fascinating headlines. But the sophistication of 25 kilobits per second may well be the more dangerous threat."
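A defender's sketch of the mitigation Kennedy's scenario points to, added here and not taken from the article or from Juniper: cap what any one search can return, and budget each client by rows served rather than by request volume. The sample table, the limits and the names `search_postcodes` and `CostLimiter` are assumptions made for illustration.

```python
import time
from collections import defaultdict, deque

# Constructed sample data standing in for the ~2 million-row postcode table.
POSTCODES = [f"{area}{d} {n}AA" for area in ("SW", "NW", "EC", "M", "B")
             for d in range(1, 10) for n in range(1, 10)]

MIN_QUERY_LEN = 2       # assumption: refuse queries too short to be selective
MAX_ROWS = 20           # assumption: hard cap on rows any one search returns
COST_BUDGET = 500       # assumption: rows one client may consume per window
WINDOW_SECONDS = 10.0   # assumption: sliding-window length


class QueryRejected(Exception):
    """Raised when a search would not narrow the table."""


def search_postcodes(prefix, max_rows=MAX_ROWS):
    """Bounded prefix search: it can never return the whole table."""
    prefix = prefix.strip().upper()
    if len(prefix) < MIN_QUERY_LEN:
        raise QueryRejected("query too short to be selective")
    hits = []
    for code in POSTCODES:
        if code.startswith(prefix):
            hits.append(code)
            if len(hits) >= max_rows:
                break   # stop scanning once the cap is reached
    return hits


class CostLimiter:
    """Budgets rows served per client in a sliding window, not request count."""

    def __init__(self, budget=COST_BUDGET, window=WINDOW_SECONDS):
        self.budget, self.window = budget, window
        self.events = defaultdict(deque)   # client -> (timestamp, cost) pairs

    def charge(self, client, cost, now=None):
        """Record the cost; return False once the client is over budget."""
        now = time.monotonic() if now is None else now
        q = self.events[client]
        while q and now - q[0][0] > self.window:
            q.popleft()                    # drop events older than the window
        q.append((now, cost))
        return sum(c for _, c in q) <= self.budget
```

With these limits, a client sending 50 capped searches per second is over budget within its first second, while a user searching once per second never is, even though neither would trip a bandwidth threshold.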
Earlier this year, Brian Krebs' coverage showed how a D/DOS acted as a smoke screen for a bank heist totaling $900 thousand. The
Using this targeted mode of attack might have sped up the process for the cyber criminals.
"Stealth, it seems, can be incredibly effective," writes Kennedy.