Recent DDoS Attacks: Internet Censorship and Cyber Security Threats

Cyber security researchers from the University of Maryland and the University of Colorado Boulder have recently discovered that malicious actors use Internet censorship programs to launch massive (even unprecedented) DDoS (distributed denial-of-service) attacks. At the 30th USENIX Security Symposium in August 2021, the research team warned about the threat and reported on tens of millions of devices exposed.

What Are DDoS Attacks?

DoS (denial-of-service) attacks aim to shut down a website, system, network, or device so that it's unavailable or inoperable. The most widespread strategy among malicious actors is flooding the targeted device or system to overwhelm its capacity.

DDoS (distributed denial-of-service) attacks are hackers' most dangerous tools for targeting online services or websites. Unlike DoS attacks, they use multiple unique machines and IP addresses to overwhelm the victim with too much traffic. The traffic may consist of various requests, incoming messages, fake packets, etc.

Having multiple sources makes DDoS attacks much more complicated to cope with: the attacks are more sophisticated and, at the same time, more difficult to track and turn off than one-machine (DoS) attacks. Another difficulty in handling DDoS attacks is that it's hard to tell legitimate users from illegitimate ones, since the attack comes from many different sources.

DDoS Attack Symptoms

Unfortunately, to an average user's eye, DDoS attack symptoms don't differ much from ordinary software or other computer troubles. Here are the most common signs:

  • Slow performance (access to files or a website)
  • Unavailability of or inability to access a particular website
  • Inability to access any website
  • Too many spam emails and requests to a particular webpage

Other symptoms which need a trained eye and up-to-date traffic analytics tools include: suspicious traffic from one source or an IP range; odd traffic from multiple users with a single behavioural profile (geolocation, device type, browser version, etc.); excessive requests to a single page; weird traffic patterns, and more.
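The sketch below is an added example, not code from the researchers or from this blog. It checks three of the symptoms just listed (a dominant IP range, a single over-requested page, and many clients sharing one profile) against constructed sample records; the thresholds, field layout, and function names are assumptions.

```python
import ipaddress
from collections import Counter, defaultdict

# Constructed sample: (source IP, requested path, User-Agent). Not real traffic.
def build_sample():
    normal = [
        ("198.51.100.7", "/", "Firefox/128"),
        ("198.51.100.9", "/pricing", "Safari/17"),
        ("192.0.2.44", "/blog", "Chrome/126"),
        ("192.0.2.80", "/contact", "Edge/126"),
    ]
    # 40 distinct hosts in one /24, identical browser string, all hitting /login
    flood = [(f"203.0.113.{i}", "/login", "Chrome/99") for i in range(1, 41)]
    return normal + flood

def analyse(records, max_share=0.5, min_clients_per_profile=20):
    """Return findings for three of the traffic symptoms listed above.
    Thresholds are illustrative assumptions; tune them against a baseline."""
    total = len(records)
    nets, paths = Counter(), Counter()
    profile_clients = defaultdict(set)
    for ip, path, agent in records:
        # Group sources by /24 so a spread across one range is still visible
        net = ipaddress.ip_network(f"{ip}/24", strict=False)
        nets[str(net)] += 1
        paths[path] += 1
        profile_clients[agent].add(ip)
    findings = []
    for net, n in nets.items():
        if n / total > max_share:          # suspicious traffic from an IP range
            findings.append(("ip_range", net, n))
    for path, n in paths.items():
        if n / total > max_share:          # excessive requests to a single page
            findings.append(("single_page", path, n))
    for agent, clients in profile_clients.items():
        if len(clients) >= min_clients_per_profile:  # many users, one profile
            findings.append(("shared_profile", agent, len(clients)))
    return findings

if __name__ == "__main__":
    for kind, key, count in analyse(build_sample()):
        print(f"{kind:15} {key:20} {count}")
```

In practice the same counters would be fed from web server or flow logs over a sliding time window, and the thresholds set from normal traffic for the site.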

Attack on Internet Censorship Systems

The team of researchers is warning about massive DDoS attacks connected with Internet censorship programs. Their report at the 30th USENIX Security Symposium in August 2021 was about tens of millions of devices exposed by malicious actors. However, their investigation isn't new to the cyber world, since they had already shared their previous results with the national agencies concerned, DDoS mitigation experts, and firewall manufacturers. Currently, the issues are getting worse, and a fast solution does not seem to be coming.

DDoS Attack Process 

Scientists point out that the majority of nation-state censorship infrastructure, as well as commercial firewalls, can be exploited by malicious actors to launch DDoS attacks on anyone on the Internet.

The DDoS attacks revealed are of an HTTP reflection/amplification type. This type of attack can generate massive malicious traffic and hide its sources. It impedes users' ability to use online services and websites.

The amplifiers can keep producing fake packets towards a victim until a packet is dropped. The amplification ratios mainly range from 1:1 to 700,000:1, which significantly exceeds common DDoS attacks. However, the researchers also discovered amplification attacks that offer one-million-plus and even infinite amplification.

Why Internet Censorship Programs?

The high susceptibility of Internet censorship programs to amplified DDoS attacks stems from the way they handle asymmetric-routing scenarios for scalability, misconfiguration that enables spoofing attacks, and the lack of basic cyber security measures.

To mitigate risks, cyber security experts claim that network operators need to remove abusable censorship units or systems.

How to Protect Your Business from DDoS Attacks

All the processes of protection, fighting, and mitigation are complicated and should be held by experienced professionals like MBS Tech. 

The crucial thing is that time matters most. Once you've discovered a DDoS attack, take the necessary actions. Contact your ISP (Internet Service Provider) to reroute malicious traffic. In-office or outsourced cyber security experts can help deal with other risks fast. Also, businesses should use up-to-date anti-DDoS solutions to react accordingly.

Don't forget that network devices and software must be configured properly. Your defence starts with firewalls and routers.

And reach out to cyber security experts at MBS Techservices to ensure robust, up-to-date cyber security performance. Be cyber smart and safe!  
