In our blog last week, we discussed how colleges and universities are the third most attacked sector, beating out financial, government, and insurance sectors for numbers of cybersecurity attacks. This week, we will discuss how these hackers commonly utilize DDoS (Distributed Denial of Service) attacks to shut down a university’s network.
What is a DDoS attack?
A Denial of Service attack occurs when a malicious entity sends more traffic to your network than it can handle in order to overload it. When this occurs, your network equipment can become overloaded and fail into a state known as “hub mode” in an effort to maintain communication across the network. When this “hub mode” is enabled, all of the traffic on your network is blasted to every port, allowing an attacker to gather meta and packet data in an effort to map topology of your equipment.
Having a map of your network makes it easier for attackers to push forward with deeper penetration into your infrastructure, allowing them to breach data systems and steal information about your business and clients. The reasoning behind DDoS attacks can vary from revenge to anti-competitive businesses. Whatever the intent behind the cyber attack is, the goal is to be a huge headache for that organization by bringing down their network.
This past year, a number of colleges and universities were hit with DDoS attacks. The University of Virginia, Pennsylvania State, University of Connecticut, Washington State, Johns Hopkins, University of Maryland, University of Southern California, were all victims of DDoS attacks. We aren’t just talking about the big names in the academia world. Community colleges are also being targeted for DDoS attacks.
Earlier this January, Rutgers University suffered from their 6th successful DDoS attack. This came even after Rutgers spent approximately $3 million dollars on improving their cybersecurity which the hacker was sure to mention on Twitter.
Academic institutions in the U.S. are not the only ones falling victim to these DDoS attacks. On December, 7, 2015, the United Kingdom was hit with a cyber attack on their Janet computer network which operates on behalf of the UK’s higher education.
Andrew Smith, a senior lecturer at The Open University, one of the biggest universities in the UK for undergraduate education, described a DDoS attack as “probably one of the oldest tools in the arsenal of attacks that come from cyber criminals”.
“In straightforward terms, attackers have lined up an army of malware compromised computers and have primed them to attack Janet,” he said. “Janet is used by many universities and colleges in the UK. While our security is good, having thousands of computers around the world all sending useless data to one system will flood it and will slow it down.
“Each compromised computer will send a small amount of data, nothing that you would notice and normally in keeping with the typical internet traffic behaviour expected by your broadband provider. However, when this is multiplied by tens, hundreds and thousands of computers – the deluge becomes unmanageable as this restricts our ability to receive internet traffic which would also come in via the same connection.”
With the decreasing price of hacking tools, this increase in attacks will continue to become the new norm. Businesses of all sizes need to adapt to these new threats now in order to continue operating in the coming storm. The number of distributed denial of service attacks in the second quarter of 2015 has hit record highs according to the latest State of the Internet report from Akamai.
DDoS attacks grew seven percent since the last quarter and a staggering 132 percent compared to this time last year. In the quarter there were also 12 attacks that were categorized as “mega attacks,” peaking at more than 1,000 gigabits per second (Gbps) and 50 million packets per second (Mpps). These attacks will not slow down in 2016 and will only increase. All colleges and universities must think about how to mitigate through the murky waters of cybersecurity and reach out to cybersecurity experts.
How can Axiom Cyber Solutions help you?
Axiom Cyber Solutions is offering Managed Cyber-Security Protection for Enterprise Class Businesses Organizations with advanced DDoS capabilities, starting as low as $199 per month. Let us take over and provide you with peace of mind. Axiom will provide your organization a firewall and manage it so you don’t have to worry about securing your business. We will assess the security risks for your business and will help implement the right cyber security service for your organization.
From response time to an attack, to mitigative capacity, to packets inspected per second, the Axiom Sentinel wins in every category against the competition. Our patent pending algorithm coupled with the latest nanotechnology allows us to inspect 120 million packets per second, respond within 10 milliseconds to an attack and mitigate up to 100GB of traffic with a single appliance.
Axiom’s solutions come in different sizes and all our solutions are designed to deal with the attack vectors of today while being adaptive and flexible enough to continue to secure your network for years to come. For more information, check out our website at axiomcyber.com or give us a call us at (800) 519-5070. #FightBackWithAxiom