The quest for a safe and secure Internet is never-ending, as criminals seek new and ever more complex ways to breach Internet security. For most users, the behind-the-scenes attacks and efforts to prevent them are never seen.
Attacks on business, where the most damage can be done, cause major problems through reputation damage, lost business and time taken to rectify damage. According to Neustar over three-quarters (77%) of organisations in the Asia Pacific suffered a Distributed Denial of Service (DDoS) attack in 2015 and three-quarters (76%) of these were only notified of their attacks by customers and other third parties. Almost two-thirds (63%) of those attacked reported intellectual property, financial and/or customer data theft. For those attacked, at least in Europe, the Middle East and Africa, 82% of attacked companies suffered more than one attack and 45% were hit six times or more.
So what are reflection attacks? According to CloudFlare, “a reflection attack works when an attacker can send a packet with a forged source IP address. The attacker sends a packet apparently from the intended victim to a server on the Internet that will reply immediately. Because the source IP address is forged, the remote Internet server replies and sends data to the victim.”
“That has two effects: the actual source of the attack is hidden and is very hard to trace, and, if many Internet servers are used, an attack can consist of an overwhelming number of packets hitting a victim from all over the world.” These reflection attacks become more powerful and dangerous when amplified.
The author would like to thank Dr Jason Smith, Technical Director at CERT Australia and Bruce Matthews, Cyber Security Manager, Australian Communications and Media Authority for their assistance with this article.
Read the full article in edition 9 of Behind the Dot magazine. Edition 9 also featured an interview with Startup Victoria chief Georgia Beattie as well as the annual .au survey report.