Security Audit

Our Web Application Pentest ( WAP) attempts to address the Owasp top 10 & SANS top 20 web application vulnerabilities and other exploitable loopholes of your web application . Along with it our WAP team also test web applications for Business logic flaws that can directly or indirectly effect the functioning of application.

Trainings

We are here to help you solve your biggest query- where and how to start? CDI has brought various courses in Ethical Hacking in Chandigarh where all you technology lovers will be given the much needed push to move forward and create a niche for yourself in the field. From Beginner to Expert level we have many kinds of training patterns.

Call Us : +91-771045-0011 | +91-771045-0022

DDoS Attack Security Provider Incapsula, Hit By 650 Gbps DDoS Attack

 

 

The Incapsula is a website security provider which has been originally operated by a US-based company Imperva. This cloud-based application delivery platform deals in website security, DDoS protection, and many other services. This official website of Incapsula hit by a DDoS attack on 21st December 2016. All of you are well introduced with Mirai Botnet which is a reason behind biggest DDoS Attacks. But this time Mirai Botnet is not the reason behind this attack. The attackers have used “Leet Botnet” to perform a powerful DDoS attack against the Incapsula. The attack was very powerful as the servers of Incapsula were getting traffic of 650Gbps.

 

The Whole Incident

The attack occurs two times. Around 11 am on 21st December, the network engineers of Imperva noticed that the servers of Incapsula are getting malicious traffic. This time, the attackers performed the attack for only 20 minutes. The amount of traffic was around 400Gbps. The security team successfully protected the servers from this threat. After some time, the attackers again performed the attack and this time the amount of traffic was 650 Gbps. The attackers were flooding 150 million IP packets per second toward Incapsula. According to the company, the attackers were performing this attack to target customers of Incapsula. The security team of Imperva successfully defaced the attack. Later on, they targeted the Imperva itself.

 

Leet Botnet vs Mirai Botnet

According to the Avishay Zawonzi and Dima Bekerman (security researchers at Imperva Security), this DDoS attack was quite different from the attacks of Mirai Botnet. The Mirai botnet can easily convert poorly configured IoT devices into a botnet. The French web hosting giant OVH has suffered the biggest DDoS attack of all time. The servers of OVH were getting traffic worth 1Tbps. A few days ago of OVH DDoS attack, the website of famous cybersecurity journalist “Brian Krebs” was hit by a powerful DDoS attack worth 665 Gbps traffic.

 

Results of This Attack

The security researchers said that this was totally an unsuccessful DDoS Attack. It was an SYN flood attack and attackers were using two different packet ranges. The minimum size of SYN packet was 44 bytes to 60 bytes and the largest size was around 799 bytes to 936 bytes. The attackers were unable to focus on their target. The attackers were finding the IP addresses of Incapsula’s customers but they didn’t resolve it. All the IP addresses were hidden behind Incapsula’s proxies.

 

Who is Behind This Attack?

The company said that the attackers were using spoofed IP addresses to hide their location. It is still not clear that which type of devices they were using to flood the traffic. Maybe, attackers were using IoT devices and DVRs same as Mirai Botnet.

 

Conclusion

The Distributed Denial of Service (DDoS) attack is very famous among attackers nowadays. There is a long list of DDoS attacks, which happened in 2016. All this is happening since the owner of Mirai Botnet has released its original source code. In this case, the company successfully defaced the attack and nothing happened but a successful DDoS attack can shut down the website for several hours.

 

Similar Articles:

French Web Hosting Giant OVH is Suffering DDoS Attack of 1Tbps

BestBuy Hackers Are Offering Mirai Botnet To Fellow Hackers As a Paid DDoS Service

The Actual Story Behind Dyn DNS DDoS Attack!

Leave a Reply

Name
Email id
Contact No
Comment

See more of Cyber Intelligence by logging in.
Connect with cyber security experts,Discover job opportunities,Online Training, Information Security Advisory and lot more.