DDoS s Evolution Doesn t Require a Security Evolution
They may have grown in sophistication, with more widespread consequences, yet today s distributed denial-of-service attacks can still be fought with conventional tools.
(Image: Alexey Novikov via Adobe Stock)
Distributed denial-of-service (DDoS) attacks that take down online systems are nearly as old as the public Internet. But over the years, they have morphed and evolved into larger and more destructive forms increasingly focused on monetization. Today, as organizations expand partnerships and supply chains and with employees working from home due to the pandemic the stakes are higher than ever. DDoS attacks have grown in sophistication as well as in bandwidth and throughput, says Roland Dobbins, principal engineer for network performance firm NetScout. We see new DDoS vectors discovered or developed by more skilled attackers, more rapidly weaponized, incorporated into DDoS-for-hire services, and made accessible to
Get Permission
Researchers with NetScout s Atlas Security Engineering and Response Team are warning that attackers are abusing certain versions of the Plex media server app to strengthen and amplify various DDoS attacks.
The NetScout researchers believe that about 27,000 Plex media servers are vulnerable to the type of DDoS amplification attacks described in a new report. The Plex media server application works with Windows, Linux and macOS operating systems and normally lets users share video and other media with other devices.
The application can also connect with other devices. such as network-attached storage devices and external RAID storage units.
In the incidents that NetScout found, numerous DDoS-for-hire services were using the vulnerable Plex app to send junk traffic to targeted victims to overwhelm their networks and cause a crash.
Get Permission
Researchers with NetScout s Atlas Security Engineering and Response Team are warning that attackers are abusing certain versions of the Plex media server app to strengthen and amplify various DDoS attacks.
The NetScout researchers believe that about 27,000 Plex media servers are vulnerable to the type of DDoS amplification attacks described in a new report. The Plex media server application works with Windows, Linux and macOS operating systems and normally lets users share video and other media with other devices.
The application can also connect with other devices. such as network-attached storage devices and external RAID storage units.
In the incidents that NetScout found, numerous DDoS-for-hire services were using the vulnerable Plex app to send junk traffic to targeted victims to overwhelm their networks and cause a crash.
A spate of distributed denial-of-service (DDoS) attacks leverage a problematic engineering decision in the popular Plex media server.
Netscout is reporting a spate of distributed denial-of-service (DDoS) attacks leveraging a problematic engineering decision in the popular Plex media server. For companies that count many employees working from home, this can introduce risk to corporate networks.
Indeed, what should be evaluated among chief information security officers is the security posture of the home environment, said Roland Dobbins, Netscout principal engineer, who authored the report. That includes the broadband internet access router. They should check for SSDP as part of a security audit.