World's one of the biggest hosting provider OVH has confirmed that it witnessed the largest distributed denial-of-service (DDoS) attack powered by a large network of botnets.
DDoS attack is a type of cyberattack on computer systems that uses multiple compromised machines to conduct an attack on a single machine. The DDoS attack happens when the victim's computer system is overwhelmed by traffic.
It has not been long when American journalist and investigative reporter Brian Krebs' website, Krebs On Security, became a target of DDoS attacks and was hit by a 620-Gbps DDoS attack.
Now, Octave Klaba, the founder and chief technology officer of OVH, confirmed via his official Twitter handle that the company witnessed an increased level of DDoS attacks in the last few days.
Klaba said that multiple DDoS attacks exceeded 100 Gbps including simultaneous attacks that totaled about 1 Tbps. The latest DDoS attack on OVH is the world's largest DDoS attack. OVH had witnessed attacks of 799 Gbps in the past.
Last days, we got lot of huge DDoS. Here, the list of "bigger that 100Gbps" only. You can see the
simultaneous DDoS are close to 1Tbps ! pic.twitter.com/XmlwAU9JZ6
— Octave Klaba / Oles (@olesovhcom) 22 September 2016
OVH's website was hit by DDoS attacks on Sept. 20 and they faced more than 35 attacks in a matter of 48 hours. Klaba said the DDoS attacks were carried on by a network of 152,463 hacked low-powered cameras and smart devices. The entire attack capacity of the compromised devices is estimated to be at 1.5 Tbps. Reports suggest that the same botnet network was responsible for the attacks on Krebs On Security.
Krebs has taken assistance from Google's Project Shield to protect his website. OVH suggests that the situation with the attacks on their network is still not good because new loT devices have been participating in the subsequent attacks.
+15654 new cctv participated in the DDoS last 48H. — Octave Klaba / Oles (@olesovhcom) 28 September 2016
Reports suggest that many routers, DVRs and cameras can be easily compromised as owners do not change default credentials or set passwords that are tough to break. Security firms believe that one of the primary reasons of breaching an loT device is to conduct a DDoS attack.
DDoS attacks are not always conducted by highly sophisticated cyber criminals. Although, DDoS attacks do not steal data from the victim, they can disrupt regular workings. No website knows when to expect or divert a DDoS attack. However, experts suggest that keeping provision for higher server capacity is one of the ways of dealing with DDoS attacks.
Photo: Yuri Samoilov | Flickr