Hosting Company OVH’s servers Hit by 1 Tbps DDoS Attacks – This is the largest DDoS attack in the history of Internet.
OVH is counted amongst the largest hosting companies in the world but it is in the news for a bad reason as the company’s servers have suffered a massive 1 Tbps distributed denial-of-service (DDoS) attack last week.
On Thursday OVH founder and CTO Octave Klaba tweeted that “Last days, we got lot of huge DDoS. Here, the list of “bigger that 100Gbps” only. You can see the simultaneous DDoS are close to 1Tbps !”
Klaba’s also shared a screenshot explaining that multiple attacks exceeding 100 Gbps were directed towards OVH servers including simultaneously occurring 1 Tbps attacks. The severest single attack that was documented by OVH reached 93 MMps and 799 Gbps.
Last days, we got lot of huge DDoS. Here, the list of "bigger that 100Gbps" only. You can see the
simultaneous DDoS are close to 1Tbps ! pic.twitter.com/XmlwAU9JZ6
— Octave Klaba / Oles (@olesovhcom) September 22, 2016
Klaba further reviled that the attackers used hacked Internet of Things device (IoT) including surveillance cameras to conduct DDoS attacks on his company’s servers.
This botnet with 145607 cameras/dvr (1-30Mbps per IP) is able to send >1.5Tbps DDoS. Type: tcp/ack, tcp/ack+psh, tcp/syn.
— Octave Klaba / Oles (@olesovhcom) September 23, 2016
DDoS attacks are not a new phenomenon and we often hear companies getting hit by these attacks. Earlier this week we learned about popular investigative cybercrime journalist Brian Krebs from KrebsOnSecurity was targeted by a DDoS attack of 665 Gbps. Apparently, the attack was a response to his blog post in which he exposed a DDoS service vDOS operators.
The intensity of the attack was dulled by Akamai, however, as per Krebs, the attackers didn’t give up and that was when the company decided to stop offering DDoS protection to his website and it is yet offline.
What is Internet of Things (IoT) and how they can be hacked for DDoS attacks:
The Internet of Things (IoT) refers to the ever-growing network of physical objects that feature an IP address for internet connectivity, and the communication that occurs between these objects and other Internet-enabled devices and systems.
In the aforementioned case, attackers hacked surveillance cameras (CCTV system) to develop a DDoS botnet and target OVH servers. CCTV systems with weak or default login credentials can be hacked with a simple Brute-force attack. In the United State alone there are thousands of unprotected security cameras that can be hacked and used as a DDoS botnet.
Map shows which state have more unprotected cams
A couple of months ago researchers exposed Lizard Squad group hacking CCTV systems and carrying DDoS attacks on financial and government institutions in Brazil whilst the DDoS prevention firm Sucuri and Incapsula revealed that thousands of CCTV cameras have not only been hacked but also turned into DDoS botnet worldwide – reason, once again: their weak login credentials.
However, Linux-based IoT devices are the prime target for cyber criminals. Recently, Luabot and Bashlite aka Lizkebab malware were found taking over Linux-based CCTV cameras and attacking banking and small business worldwide.
At the time of publishing this article, OVH servers were back online.