Prolexic Successfully Combats the Largest Packet-Per-Second DDoS Attack Ever Documented in Asia
Prolexic Successfully Combats the Largest Packet-Per-Second DDoS Attack Ever Documented in Asia
  • Korea IT Times (info@koreaittimes.com)
  • 승인 2011.07.28 10:08
  • 댓글 0
이 기사를 공유합니다

Prolexic Technologies, the global leader in Distributed Denial of Service (DDoS) mitigation services, today announced it successfully mitigated another major DDoS attack of unprecedented size in terms of packet-per-second volume. Prolexic cautions that global organizations should consider the attack an early warning of the escalating magnitude of similar DDoS threats that are likely to become more prevalent in the next 6 to 8 months.

The attack was directed against an Asian company in a high-risk e-commerce industry. It generated larger than usual TCP SYN Floods and ICMP Floods, both of which are common DDoS attack methods. There was nothing common, however, about the magnitude of the attack.

According to Paul Sop, chief technology officer at Prolexic, the volume reached levels of approximately 25 million packets per second, a rate that can overwhelm the routers and DDoS mitigation appliances of an ISP or major carrier. In contrast, most high-end border routers can forward 70,000 packets per second in typical deployments. In addition, Prolexic's security experts found 176,000 remotely controlled PCs, or bots, in the attacker's botnet (robot network).  This represents a significant threat as typically only 5,000-10,000 bots have been employed in the five previous attacks mitigated by Prolexic.

"The customer attempted to mitigate these repeated DDoS attacks for many months with solutions from its ISP and its carrier before approaching Prolexic," said Sop. "Defeating this attack is a testament to our unrivaled capacity and our unique position as the only global DDoS mitigation provider with the experience and bandwidth to successfully fight these gigantic attacks."

To mitigate this high-magnitude attack without putting the burden on a single carrier, Prolexic distributed traffic among several of its global Tier 1 carrier partners and scrubbing network centers. Prolexic was able to help the client maintain service availability throughout the duration of the attack. While Prolexic was fighting this particular threat, it simultaneously helped another client who was experiencing a 7 Gbps DDoS attack.

An "early warning" of escalating threats

"Prolexic sees this massive attack in Asia with millions of packets per second as an early warning beacon of the increasing magnitude of DDoS attacks that may be on the horizon for Europe and North America in the next 6 to 8 months," Sop said. "High risk clients, such as those extremely large companies in the gaming and gambling industries in Asia, are usually the first targets of these huge botnets just to see how successful they can be."

Prolexic cautions that the next quantum leap in DDoS attacks will not necessarily center on bandwidth, but rather on increasing the volume of packets per second to such a high level that carriers cannot handle the overload. According to Sop, these extremely high packet-per-second DDoS attacks are especially insidious because they can cause collateral damage to carriers long before the "bad traffic" ever reaches its intended target.

Overwhelmed by the deluge of Internet traffic, carriers try to cope by passing around the excessive traffic like a "hot potato" from one to another. Ultimately, the carriers must "black hole" the IP address of the attack target and in doing so they unwittingly help the hacker to achieve the goal of creating a "zero route" which crashes the victim's site. In addition, the continuous shifting of traffic from carrier to carrier can seriously affect the performance of multiple web sites, not just the intended target.

"Prolexic has invested millions to be ready for this type of DDoS attack and while we have only seen this botnet once in the Western Hemisphere to date, it is likely to follow a common pattern and become much more prevalent," Sop said. "The good news is that Prolexic is already well ahead of the game and has proven that we can stop attacks of this magnitude."


댓글삭제
삭제한 댓글은 다시 복구할 수 없습니다.
그래도 삭제하시겠습니까?
댓글 0
댓글쓰기
계정을 선택하시면 로그인·계정인증을 통해
댓글을 남기실 수 있습니다.

  • #1206, 36-4 Yeouido-dong, Yeongdeungpo-gu, Seoul, Korea(Postal Code 07331)
  • 서울특별시 영등포구 여의도동 36-4 (국제금융로8길 34) / 오륜빌딩 1206호
  • URL: www.koreaittimes.com / m.koreaittimes.com. Editorial Div. 02-578-0434 / 010-2442-9446. Email: info@koreaittimes.com.
  • Publisher: Monica Younsoo Chung. Chief Editorial Writer: Kim Hyoung-joong. CEO: Lee Kap-soo. Editor: Jung Yeon-jin.
  • Juvenile Protection Manager: Yeon Choul-woong. IT Times Canada: Willow St. Vancouver BC, Canada / 070-7008-0005.
  • Copyright(C) Korea IT Times, Allrights reserved.
ND소프트