|
Report: Layer 7 Increasingly Under DDoS Gun |
|
|
|
Source: CSO Online - Posted by Anthony Pell
|
A report from the CYBER SECURITY Forum Initiative (CSFI) offers further evidence that botnet herders are getting a bigger bang out of distributed denial-of-service (DDoS) attacks by targeting security holes at layer 7, more commonly known as the application layer.
A paper on the findings, L7DA (Layer 7 DOS Attack) Report v1.0, was passed along to CSOonline by Paul de Souza, a Chicago-based security analyst and founder of CSFI, a group of IT security practitioners who volunteer their guidance and support to companies that have suffered cyber attacks.
The findings stem from an investigation conducted by 11 volunteers from the IT security community. According to the paper, CWFI/CSFI was contacted by a company that claimed to be experiencing a new layer 7 DDoS. CSOonline.com has left out the specific names of companies and agencies involved as much of the information is confidential.
"The attack has been found in the wild and [was] possibly created by Chinese hackers," the paper states. "It is said to have been deployed to Chinese-owned botnets at this time. According to our source, this new L7DA targets IIS and Apache servers."
Specifically, the attack exploits a system design in both IIS and Apache applications and can crash the targeted servers within minutes. "This type of attack would focus on the HTTP Post method of the IIS and Apache applications. This variation of L7DA was claimed to have been discovered by our source in Singapore where their Beijing, China branch collected intelligence about Chinese hackers implementing a new Layer 7 DDOS attack," the paper continued.
Read this full article at CSO Online
Only registered users can write comments.
Please login or register. Powered by AkoComment! |
