KillNet: The Next-Generation DDoS Group?Michael Smith, Field CTO at Vercara, on Evolving Trends in DDoS Attacks
Distributed denial-of-service attacks often disrupt the normal functioning of a targeted server, service or network by overwhelming it with a flood of traffic. KillNet, a collective of Russian-aligned hacktivists known for its DDoS attacks, gained attention about 18 months ago when the group targeted and successfully took down several U.S. state websites and a few federal government websites.
KillNet exhibits a range of motives, from government-affiliated actions to independent ones. Recent incidents have shown that KillNet targets "newsworthy" events or issues because "DDoS is an economics game," said Michael Smith, field CTO at Vercara.
The challenge lies in attributing DDoS attacks to specific groups, and the transition from traditional data centers to cloud services has blurred the lines of responsibility and protection.
"It's not just the network layer, but it's the application stack. It's even some of the data - it's periphery systems," Smith said. "The way it works on the carrier side is that the carrier's [ISP or cloud] first responsibility is to protect their other customers from the customer that's getting attacked."
In this video interview with Information Security Media Group at Black Hat USA 2023, Smith discussed:
- The challenges of employing traditional mitigation techniques such as BGP-routed solutions in the cloud environment;
- The need to assess whether essential resources are managed by external service providers;
- How Vercara is helping customers defend against and evolve to meet today's attacks.
Smith is a senior information security technologist with more than 25 years of experience in the IT security and intelligence fields, performing roles in management, engineering, software development, auditing, incident response and threat intelligence.