A Canadian security company server was recently hijacked to launch a large Distributed Denial of Service (DDoS) attack “against an online gaming web site“, according to a recent article published by IT World Canada. This “high volume attack” maintained a steady flow of “25 million packets per second (mpps) throughout its entire seven-hour duration“, according to the report. The report states that the gaming web site is a client of Incapsula, a website security company, who was able to “fend off the attack.”
Igal Zeifman, Incapsula’s product evangelist, clarified that “the attackers engaged two separate high-capacity servers to launch the attack” according to information outlined in the article. The report states that this attack turned out to be rather ironic since the servers involved – the Canadian unit and “another in China that was also exploited for the attack” – were the property of “anti-DDoS service providers.” According to the article, “it was the very strength of their network infrastructure that enabled the attackers to launch an overwhelming attack” which left Zeifman to use the term “fighting fire with fire” to describe the event. Both the identity of the online gaming customer and the “two anti-DDoS companies whose servers were compromised” have yet to be released to the public, according to IT World Canada.
Zeifman’s thoughts – which were published in a past blog post – were quoted in the article to say,“With multiple reports coming from different directions, and with several large scale attacks on our own infrastructure, we are now convinced that what we are seeing here is an evolving new trend – one that can endanger even the most hardened network infrastructures.” Zeifman’s words continued to confirm in the article that “anti-DDoS providers” that utilize “wide traffic pipes and close proximity to the Internet backbone” provide exactly what is needed. He continued in the article by saying, “This, combined with the fact that many vendors are more concerned with ‘what’s coming in’ as opposed to ‘what’s going out,’ makes them a good fit for hackers looking to execute massive non-amplified DDoS attacks. DNS floods have the potential to bring down even the most resilient of networks.”
Read more about this massive attack in the full article and learn more from Igal Zeifman’s comments how these events will impact the most “untouchable” networks.