On May 25th, the country came together under one emotion: rage over the murder of George Floyd on the streets of Minneapolis. The country has experienced an increase in protests, riots, and even cyberattacks. An activist group that routinely appears amid scandal is back: Anonymous.
Anonymous is a “decentralized” international activist/hacktivist group that performs cyber-attacks against several different kinds of institutions. The institutions that find themselves victims of these attacks are targets because of their misuse of power.
Latest Anonymous Target
The latest target of infamous Anonymous cyber-attacks happens to be the Minneapolis Police Department. Anonymous released a callout video on social media stating their discontent with the police department and threatened to enact justice and expose the corruption to the world.
Shortly after the video was released, the Minneapolis police department website experienced an outage, and the Chicago police radios streamed NWA’s “F*ck The Police.”
The Anonymous hacks were carried out using a distributed denial-of-service (DDoS) attack. A DDoS attack is an attempt to disrupt regular traffic by directing a flood of internet traffic at the targeted server, service, or network.
Just like any functioning system, there are several moving parts found in DDoS attacks. Networking and telecommunication systems have multiple layers to them. Each layer has a specific role or function and assists in the successful operation of a full ongoing system. Different types of DDoS attacks target specific segments to expose and take advantage of their weak spots.
Types of DDoS Attacks
To perform a DDoS attack, the attacker must gain control of a system and infect the devices with malware. The malware turns each device into a bot that the attacker controls remotely. Together, the infected devices are known as a botnet, and once a botnet forms, directions can be sent to each bot. The bots then flood the network with traffic until it reaches capacity, so normal traffic can no longer get regular access. There are three kinds of attacks.
Application Layer Attacks
Application layer attacks, or Layer 7 attacks, consist of overwhelming the server with HTTP requests. The attacks target specific applications by identifying vulnerabilities or weak spots and taking advantage of them. Many attacks follow no identifiable pattern, and the attacker can monitor and modify them to cause the maximum amount of damage. Application layer attacks can also take place on a large scale. Because of the size of such attacks, it is almost impossible to maintain a list of known patterns, which makes it difficult to defend against new attacks.
Protocol Attacks
Protocol attacks, or Layer 3 and 4 attacks, target the victim’s infrastructure. They disrupt services by consuming all the available capacity of web servers or of resources such as firewalls and load balancers. One of the most common forms of protocol attack is known as a SYN flood. A synchronize (SYN) request is sent to a server when a user tries to access it; the server accepts it with a second message, known as SYN-ACK; the visitor then replies with an ACK, or acknowledgment, which allows them access to the website. A SYN flood attack sends the SYN message but never answers the server's SYN-ACK with the final ACK. Not receiving an acknowledgment message makes the server wait for a signal while it keeps receiving an abundance of SYN messages. In other words, the overload of new signals results in the crashing of the server.
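The handshake above can be watched from the server's side: every SYN that has not yet been followed by the visitor's final ACK is a half-open connection the server is still holding. The following is an added example, not code from the original article; the packet records are constructed, and the addresses, the 30-second timeout and the backlog limit of 5 are assumptions chosen for illustration.

```python
from collections import OrderedDict

SERVER = ("203.0.113.10", 443)  # constructed address (documentation range)

def track_handshakes(packets, server=SERVER, timeout_ms=30000, backlog_limit=5):
    """Replay (ts_ms, src, sport, dst, dport, flags) records in time order
    and count handshakes the server is still waiting on (half-open)."""
    pending = OrderedDict()  # (client_ip, client_port) -> time the SYN arrived
    completed, peak, alert_at = 0, 0, None
    for ts, src, sport, dst, dport, flags in packets:
        # Drop entries the server would have given up on by now.
        while pending and ts - next(iter(pending.values())) > timeout_ms:
            pending.popitem(last=False)
        if (dst, dport) == server:
            key = (src, sport)
            if flags == "S":             # step 1: client asks to connect
                pending.pop(key, None)   # a retransmitted SYN restarts the timer
                pending[key] = ts
            elif flags == "A" and key in pending:
                del pending[key]         # step 3: final ACK completes the handshake
                completed += 1
        # Step 2 (the server's SYN-ACK) changes no state: the SYN already did.
        peak = max(peak, len(pending))
        if alert_at is None and len(pending) > backlog_limit:
            alert_at = ts                # first moment the backlog limit is exceeded
    return {"completed": completed, "half_open": len(pending),
            "peak": peak, "alert_at": alert_at}

def sample_capture():
    """Constructed records: three normal visitors, then eight SYNs never ACKed."""
    pkts = []
    for i in range(3):
        ip, port, t = "192.0.2.%d" % (i + 1), 40000 + i, i * 1000
        pkts.append((t, ip, port, *SERVER, "S"))
        pkts.append((t + 10, *SERVER, ip, port, "SA"))
        pkts.append((t + 20, ip, port, *SERVER, "A"))
    for i in range(8):
        ip, port, t = "198.51.100.%d" % (i + 1), 50000 + i, 3000 + i * 100
        pkts.append((t, ip, port, *SERVER, "S"))
        pkts.append((t + 1, *SERVER, ip, port, "SA"))
    return pkts

if __name__ == "__main__":
    print(track_handshakes(sample_capture()))
```

The three normal visitors never add to the backlog for long, while the unanswered SYNs accumulate until the timeout clears them, which is the signal a defender alerts on.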
Volumetric Attacks
A volumetric attack is one of the most significant forms of DDoS attack, and it works just the way it sounds: volumetric attacks create congestion by using up all the bandwidth between the target and the internet. These attacks often consume more than 100Gbps of bandwidth. The large amount of data congests the target server, which prevents any other user from accessing it. These attacks require the minimum amount of resources and produce the maximum level of damage. The small amount of resources needed to deliver a great outcome is why they are the most widely used form of DDoS attack.
Ways to Mitigate DDoS Attacks
Cyber attacks are increasing every day. Cyber attacks have become one of the biggest threats to businesses and organizations around the world.
The best way to mitigate an attack is to prepare for one. Having the proper security in place always lessens the chance of an attack being successful. The components of a good plan include:
- Systems checklist
- A response team
- Define notification and escalation procedures
- List internal and external contacts
A multi-level protection strategy should always be in place. For instance, a combination of firewalls, VPNs, anti-spam, content filtering, load balancing, and other layers of protection is a proactive way to cover every front possible. Multi-layer security also includes making sure the systems you have in place are up to date. It is effortless to work around an out-of-date system or network.
The most important way to avoid these kinds of attacks is to use the best cybersecurity practices. Engaging in best practices effectively minimizes the risk of attacks. Above all, employers need to educate their employees and build awareness among them so that they know the best practices. Secure passwords and familiarity with phishing emails are necessary for maximum security efforts.