The FBI announced last week that some new network protocols are used to implement DdoS attacks big scale.
The FBI alert lists three network protocols and one web application as a DdoS attack carriers.
The list includes CoAP (Constrained Application Protocol), the WS-DD (Web Services Dynamic Discovery), the ARMS (Apple Remote Management Service) and software Jenkins.
Three of the four (CoAP, WS-DD, ARMS) have already been abused to carry out mass DDoS attacks, the FBI said.
COAP
In December 2018, malicious hackers began to abuse his features Constrained Application Protocol (CoAP) to carry out DDoS "reflection" and "amplification" attacks.
WS-DD
In May and August 2019, cybercriminals began exploiting the protocol Web Services Dynamic Discovery (WS-DD) to accomplish more than 130 DDoS attacks. Later that year, several researchers security they said increase in the exploitation of non-standard IoT protocols and devices with incorrect configuration to enhance DDoS attacks. The Appliances IoTs are attractive targets because they use the protocol WS-DD to automatically detect new devices connected to Internet and are close by. As of August 2019, there were 630.000 exposed IoTs Appliances with the WS-DD protocol enabled.
ARMS
In October 2019, the hackers took advantage of Apple Remote Management Service (ARMS), part of the Apple Remote Desktop (ARD), to perform DDoS attacks.
JENKINS
In February 2020, researchers security of the United Kingdom located a vulnerability in embedded Jenkins server protocols, used to support the software development process and which could be exploited by hackers to perform DdoS amplification attacks. The researchers calculated that hackers could use vulnerable Jenkins servers to enhance traffic to systems of victims up to 100 times.
FBI experts believe that these new threats DDoS will continue to be used further to cause downtime and other problems.
The purpose of the FBI alert is to warn American Companies for the impending danger so that they can invest in DdoS attack systems.
The FBI says that because these newly discovered DDoS carriers are network protocols that are necessary for Appliances in which they are used (IoT devices, smartphones, Macs), device manufacturers are unlikely to remove or disable protocols on their products. Therefore, the danger he is big.
"In the near future, the Criminals will likely take advantage of the growing number of devices with built-in network protocols (enabled by default) to create botnets capable of performing malicious attacks "DDoS," the FBI said.
So far, these four attackers have been used sporadically, but industry experts expect them to be used more and more often.
Greek
Chinese (Simplified)
English
Russian