Mastodon

DDOS ATTACKS ON ARMENIA CAUSE CONCERNS

The DdoS1 hacking attacks cause increasing concerns for the global network security. Recently Armenia has also been frequently targeted by such attacks.
Among the dangers that DDoS attacks pose is that hackers use thousands of infected computers spread around the world and it is often impossible to find out who and why carries out the attack. In addition, such attacks are getting more powerful, while the cost to implement them goes down.
According to Incapsula Inc., in 2014 to date there has been already a 240% growth of DDoS attacks compared to the previous year2. Also, the intensity of attacks has increased. As Incapsula contends, the attacks intensity is already reaching 180 Gbps in some cases (see Figure 1). Clowdflare, a company involved in DDoS attack protection, reports even a more drastic increase. According to the company there has already been a 400 Gbps3 attack on a target.
Attacks of such intensity may disable large hubs, including the whole network of a small country. Such attempts have already been made. For instance, the attack on Estonia in 2007 disabled not only media and other hubs, but also almost completely crushed all functions of the government structures that were implemented through the net4. The intensity of the attack was just 100 Mbps, which is not comparable to the modern-day powerful attacks. Mass attacks occurred also in August 2008, during the Russia-Georgia war5.
Armenia is also targeted by DDoS attacks. The first serious attacks that had public significance were recorded in 2012, during the parliamentary elections6. It is impossible to find out who ordered those and one may only make assumptions about that, but given the political situation, most likely the cause was inside the country.
However, the recent developments are mostly related to external actors. For example, large-scale mutual DDoS attacks were carried out against Armenian and Azerbaijani websites during the events that unfolded in September 2012, in relation to Ramil Safarov.
The periodic attacks on sites hosted in Armenia and large Armenian network hubs recorded since November 2013 are a matter of concern. According to the data of Google’s Digital Attack Map7, from November 2013 to April 2014 eight sizable attacks took place with intensity reaching up to 50 Gbps, which is comparable to the whole Armenian Internet traffic.

Dates and intensities of the attacks on Armenia

November 2, 2013 - 38 Gbps
November 12, 2013 - 6 Gbps
November 21, 2013 - 10 Gbps
November 29, 2013 - 40 Gbps
December 4, 2013 - 18 Gbps
March 5, 2014 - 3 Gbps
March 31 2014 -20 Gbps
April 1-3, 2014 - 50 Gbps
As a result of attacks, a number of sites hosted in Armenia with hubs of public significance were periodically rendered inaccessible to users. Also, internet connection disruptions were observed. Thus, the attacks affect the whole country. The trend of DDoS attacks increasing intensity is quite worrisome and requires having solutions at the national level.
2 Report: 2014 DDoS Trends - Botnet Activity is up by 240%. http://www.incapsula.com/blog/ddos-threat-landscape-report-2014.html
3 Technical Details Behind a 400Gbps NTP Amplification DDoS Attack, http://blog.cloudflare.com/technical-details-behind-a-400gbps-ntp-amplification-ddos-attack
5 Cyber Attacks Against Georgia - http://dea.gov.ge/uploads/GITI 2011/GITI2011_3.pdf
6 DDoS-ը դառնում է ավանդո՞ւյթ, http://media.am/DDos-attacks-on-websites
7 Digital Map Attack, http://www.digitalattackmap.com/
“Globus” analytical bulletin, No. 4, 2014

No comments:

Post a Comment

Տվյալների արտահոսքներ - ադրբեջանական հաքերային թիմերի կողմից

 Վերջին օրերին մի քանի արտահոսքի մասին է խոսքը։  Երկուսը ներկայացվել են Anti-Armenia թիմի կողմից։  Մեկը, իբր պետական տվյալներ են գողացել։ Սա...