The Android connection: DDoS mitigation against third-party apps

Written by

Last fall, web service all along the eastern coast of the United States was disrupted by a series of DDoS attacks. Popular websites like Spotify, the New York Times, and Reddit, just to name a few, were effectively shut down by the distributed denial of service attack. Dyn, the domain name service that hosted the affected companies’ web addresses, was flooded with tens of millions of fake user searches in three separate attacks during the course of a single day, rendering the sites inaccessible for hours.

More recently, an entire university network was shut down after a DDoS attack flooded their system with repeated searches for none other than seafood. The hackers relied on the school’s IoT vending machines and other devices to continue the web searches on constant loop, crippling their network.

While attacks on websites have pretty much become the norm lately, equally alarming is the threat of attack through mobile devices, specifically Android smartphones. Malicious code hiding in third-party apps can readily enter any workplace and potentially infect the network, all through employees’ handsets.

How big is this problem for businesses?

According to DDoS mitigation services provider Incapsula, the price of a DDoS attack is almost as scary as the numbers of IT professionals who report that they’ve already been a victim. Out of several hundred IT professionals who were surveyed, 45% stated that their company had already been targeted. Out of that number, nearly all said that the attack happened in the past year and 70% said they’d suffered more than one attack.

What does that mean in terms of time and money? Almost half of the attacks lasted for six hours or more, with some respondents saying it lasted up to a full 24 hours. A typical DDoS attack can cost large businesses as much as $40,000 an hour, meaning the total can actually reach half a million dollars in loss before any form of DDoS mitigation can occur. For sites like Facebook and Snapchat, the reputation damage alone from such a breach in security could have a tremendous impact on their user base. The recent renegotiations in the Yahoo buyout by Verizon are proof that even one or two large-scale hacking events – over the course of decades – can reshape the entire outcome of the deal.

The next attack may come from an unlikely source

So far, the major headlining DDoS attacks have relied on Internet of Things (IoT) connected devices like smarthome appliances and webcams. However, one of the potential dangers to many companies may be the cellphones – both business owned or personal property – that nearly every employee carries at all times. Android phones are believed to be especially vulnerable due to the abundance of third-party app stores and the open source model that lets anyone use the operating system’s source code.

One of the biggest threats is the abundance of fake apps that masquerade as the real thing, especially major-name ones like Netflix and WhatsApp. Due to the fact that apps like Netflix have millions of users, they’ve also garnered the attention of hackers who want to insert malicious code. Actually infiltrating the genuine Netflix app would be tough, but posting a fake version in an app store that looks and acts like the real deal isn’t all that hard by comparison. The end result is company employees walking into a workplace and connecting to a network with a fraudulent version of Netflix on their devices, one that’s filled with malware.

Everybody hurts

It’s not just the major players in the web space who have to worry about this anymore. According to the Identity Theft Resource Center, there have been record-setting numbers of data breaches in nine out of the previous ten years. These data breaches have affected companies of every size, and in practically every industry. As the numbers show, there is no such thing as a company that is untouchable, or worse, that isn’t worth the effort of a cyberattack. Instead, companies of every size need to be prepared to reduce their risk. This means pretty much anyone who relies on web traffic for their business – whether through their own dedicated domain hosted by a DNS provider, or those who provide services that are brokered by larger websites – must be prepared in the event of a disruption to their service.

According to a team of researchers at Negev Ben-Gurion University, it would only take a single popular Android app filled with malicious code to completely take down the entire emergency 911 call system across the United States. The malware would flood the dispatchers with repetitive, autodialed phone calls, essentially blocking all legitimate communication.

As a business, your company can only allot so much financial and manpower resources to preventing a DDoS attack, so it’s important to make sure that the money and time are well spent. The most important step is to secure all traffic coming into your servers through a multi-layered approach, such as one that a professional DDoS mitigation services provider can offer. This critical aspect to your web security can block malicious activity without slowing down your legitimate web flow.

Article Categories:

Leave a Reply

Your email address will not be published. Required fields are marked *