You may have heard about the massive DDoS attack that reportedly tried to “bring down the internet” with a reported 5 million queries (requests for data/information) per second targeting key servers for 48 hours. Following this attack between November 30th and December 1st, everyday users and web security experts alike are asking:
-How did it happen?
-Who was behind this?
-Was my device used as part of this attack?
How DDoS attacks work:
In order to launch a Distributed Denial of Service (DDoS) attack, a large number of “bots” are recruited. Bots are vulnerable computers that have been infected with specialized malware, which can be spread through a compromised website, email attachments or a network. Once a computer is a bot, it begins accepting commands from a centralized command server, and thousands of infected computers form a botnet. When a botnet gets a command to attack a particular site from the centralized command server, all of the bots begin sending requests to a targeted URL or server. The timing is well-coordinated and the bot traffic is distributed to maintain a high level of traffic, overload and effectively bring down the targeted server, forming a Distributed Denial of Service attack.
While there has been speculation as to the “who” and “how”, with some
pointing the finger at government and terrorist organizations, the bottom line remains that it remains speculation. Most users want to know: “Was my device turned into a bot and used in this DDoS attack? If so, what can I do about it, if not, how can I keep my device safe?”
How do you know if your PC or mobile device is being used for DDoS attacks?
The answer isn’t as simple as one would hope. Bot malware has become more sophisticated over the years, often taking on more subtle forms that are overlooked by most malware scanners. You may have heard the term “zombie” used to describe a computer that has been turned into a bot. It’s not easy to tell if your computer or mobile device is a zombie, and while there are tools that reportedly help remove bot malware from your device, the strongest measures users can take are preventative.
How can you protect your device?
It’s important to steer clear from online threats and avoid downloading applications that install bot malware on your computer. Visit trustworthy sites and download files from trusted sources. If you don’t know what danger to look for, you can use tools that warn you before entering a dangerous site.
2016 will be a year that sees several new threats trying to force their way onto your devices, both desktop and mobile. This does not mean that you and your devices need to be vulnerable forever. Users can help make the internet a safer place by rating suspicious and safe sites accordingly, warning unsuspecting users before they fall victim to threats. The WOT team is working hard to ensure that users have tools to protect themselves from threats. More on that topic coming soon.