Here are the most accomplished IT executives, bloggers, podcasters, and social media personalities to follow.
New research from NETSCOUT suggests that educational institutions should review their defenses against distributed denial-of-service attacks, that disrupt operations with overwhelming Internet traffic.
DDoS reached record highs in 2020: More than 10 million attacks occurred, including at least 120,000 known incidents in the education sector. Most likely that number is significantly higher, says Richard Hummel, head of NETSCOUT’s threat intelligence division.
« We’re rising all the time, » he says. “Is there really a plateau? We haven’t made it yet. «
The » NETSCOUT Threat Intelligence Report: DDoS in a time of pandemic « published in April reports an increase in the number of DDoS attacks by 20 percent compared to the previous year and an average of 130,000 more attacks per month than in 2019. </ According to Kaspersky, DDoS attacks in the education sector increased by more than 350 percent between January and June 2020. In October, the district administration alerted its readers, warning that such attacks were likely to get worse.
The frequency is not the only one Difference, as research by NETSCOUT shows. In the past year, industries and organizations that DDoS had never targeted suddenly found themselves in the crosshairs. The nature of the risk has also changed, notes Hummel: Since so much education is now from online Connectivity is much more at stake when an attack threatens to disrupt operations.
« The common misconception that I never mentioned DDoS is absolutely wrong, « says Hummel. « It has to be a consideration for organizations of all sizes. »
In the fall of 2020, a student launched at least eight DDoS attacks that shut down the Miami-Dade County’s public school online learning platform, the Miami Herald reports. With “easy-to-download software,” he was able to bring the virtual class to a standstill for three days.
This incident shows one of the reasons why DDoS attacks are so widespread, says Hummel.
« The barrier to entry is great low, it’s very cheap and it can work, « he says. « It doesn’t take a highly developed team of people. It can be a disgruntled 16-year-old who doesn’t want to go to school. » In addition, DDoS events are easier to launch anonymously compared to other cybersecurity threats, says Hummel. A wrong username and a masked IP address – for example via a VPN access – hide the trail of the evidence.
As for the motivation for these attacks, the vast majority are an attempt to extort money, says Hummel.
In some sectors, such as B. Gambling related to online gaming, DDoS can attack a broadband network with the aim of targeting players and disrupting a competition that players have placed bets on.
Blackmail is another common strategy. An attacker starts a DDoS demonstration and then sends an email demanding money and threatening an even bigger attack if the victim doesn’t pay. Here, too, attackers have adjusted their tactics, says Hummel.
Richard Hummel
NETSCOUT, threat intelligence guide
In the past, you have often sent emails to general staff or support addresses listed on a website. Now they are more likely to research and email directly to high-level executives in the organization, he says.
« The biggest thing that sets this group apart is their persistence and awareness, the fact that they research who they are targeting and what they should address, « says Hummel.
In other cases, the intent is simply to cause damage or disruption – for example, shutting down an online learning environment.
The move to remote learning has been dramatic Affected the vulnerability of institutions to DDoS attacks, says Hummel. Not only do universities conduct online learning and testing, but they are also dependent on this connectivity in a way that they weren’t before.
Because of this, in 2020 attackers have a new preference for video conferencing attacks. and collaboration platforms such as Zoom and Webex. That type of target ranked fourth among the most common targets, which the report said was unusual.
Together, all of these changes underscore the new reality that educational institutions need to incorporate DDoS in their security stacks, says Hummel. The assumption that only smaller targets or industry-specific organizations need to worry is no longer the case, he says.
In the NETSCOUT study, 83 percent of companies that have experienced a DDoS attack said that overloaded firewalls or VPN devices contributed to the failure. This corresponds to an increase of 21 percent compared to the previous year. The attacks also became more complex in 2020, with the number of multi-vector attacks increasing significantly.
As more companies were hit by DDoS attacks for the first time last year, they increasingly turned to managed security services to address these risks to cope with – especially in the areas of education and health care, reports NETSCOUT. Large companies increased demand for DDoS mitigation services by 69 percent, medium-sized businesses by 50 percent, and small to medium-sized businesses by 61 percent.
Last year’s 10 million attacks may have been a record, but this year it gets worse, says Hummel. « We’re on track to beat that number this year, » he says.
6 ways to increase Ed-IT to reduce alarm fatigue
Keywords:
