According to media reports, Luxembourg fends off cyberattack on government sites
Gilles Feith, the chief of the CTIE government IT center, said Wednesday that it was the first time the Luxembourg official sites had been targeted to such an extent.
It first reported on Monday a so-called DDoS, or “distributed denial of service” attack, which is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources. Feith said the government was able to continue work normally, even though many sites were affected.
What does ATLAS data show?
Data from Arbor’s ATLAS threat intelligence infrastructure, which gathers anonymized traffic and threat data from 300 ISPs around the world, shows that there were around 20 attacks towards Luxembourg domains, reaching a peak of 7Gbps or 700,000 packets per second (pps). Because the attacker/s used a botnet of hijacked devices from all around the world, it is nearly impossible to locate the attacker’s geographic location, as the devices launching the attacks can be controlled from anywhere. For this reason, attribution of DDoS attackers is extremely difficult, and a major reason for the continued popularity of DDoS as an attack vector.
Who could be behind such attacks?
- Someone with a personal vendetta against the target organization.
- Someone looking for media attention.
- Someone testing out their cool new botnet.
- Someone using a DDoS attack to divert attention from a simultaneous targeted attack, such as one looking to exfiltrate data.
That’s the wrong question.
More important than the questions of who or why is understanding how they are doing it. This is why Arbor’s Security Engineering & Response Team (ASERT) has some of the world’s leading exerts in botnet research, who study, infiltrate and ultimately defend against botnets-driven DDoS attacks and malware campaigns.
Here are just a few examples of ASERT’s insights into how botnets operate:
- On the Economics, Propagation, and Mitigation of Mirai IoT Botnet
- The Lizard Brain of LizardStresser IoT Botnet
- Estimating the Revenue of a Russian DDoS Booter
By understanding botnets you can begin to understand DDoS attacks.
To learn more about ASERT and their remarkable capabilities, visit their blog.
To learn more about the global DDoS threat landscape, download Arbor’s 12th annual Worldwide Infrastructure Security Report.