Cheap and Accessible--1-Day DDoS Attacks Gain Traction, Expert Warns

Nexusguard researcher Frank Tse warns against one-day exploits at Info Security 2013, urges corporations to develop emergency response plans.

With DDoS tools becoming more sophisticated and being developed at a faster pace, DDoS attacks are increasing at an alarming rate. Researchers at Nexusguard have found that many tools on the market are developed specifically for zero-day vulnerabilities, but a new type of exploit is also gaining traction--one-day exploits.

Speaking at Info Security 2013, Nexusguard researcher Frank Tse analyzed various types of DDoS tools. Out of more than 50 tools that he's studied in the past two years, Tse's research concluded that more than 90 percent of them target the application layer, while only a handful utilize bandwidth flooding techniques.

Nexusguard warns that attackers are increasingly using zero-day vulnerabilities to develop exploits, but one-day attacks are another trend that is equally threatening for networks. "A one-day vulnerability is a weakness in the system that is disclosed by researchers while patches are not available yet. Attackers may develop new attack tools that exploit these vulnerabilities to launch attacks in a short period of time--usually within a day, hence the name 'one-day exploit'," Tse explained.

One-day exploits require much less time and fewer resources to develop than zero-day exploits. Although one-day exploits are less likely to succeed, since the target system might already have been patched, these exploits are readily available on the Internet and information about them is easily accessible (for example, in OSVDB and NIST's NVD). Meanwhile, most software vendors play catch-up, spending weeks coding, testing and distributing security patches while victims suffer enormous losses.

Most corporations are unable to defend against one-day attacks because they lack the resources and skills to identify and respond to these attacks, Tse said. "There's not much they can do when they don't even notice or understand these types of attacks."

Corporations should devise emergency response plans for information security crises, and Tse recommends bringing in third-party Internet security providers to respond to attacks in real time. "Nexusguard's research team can respond to zero-day and one-day exploits in real time, while Nexusguard's Security Operation Center helps clients apply virtual patches in the cloud when their traffic is routed to Nexusguard’s scrubbing center. This allows clients to have sufficient time to evaluate, plan and test for new patches."

Tse urges corporations to put in place measures that can mitigate cyber attacks, especially since there are already numerous Internet security companies that provide effective real-time Internet services.

Nexusguard's ClearDDoS Token allows corporations to take advantage of an experienced and professional team of researchers and security experts at an affordable price. For more information, please visit http://www.nexusguard.

About Nexusguard
Nexusguard, incorporated in 2008, is a premium provider of end-to-end, in-the-cloud Internet Security Solutions. Nexusguard delivers solutions over the Internet to ensure that our clients enjoy uninterrupted web-service delivery to their users, by protecting them against the ever-increasing and evolving multitude of Internet threats, particularly Distributed Denial-of-Service (DDoS) attacks and other attacks directed at web application software.

Contact:
Stanley Liu
T : [852] 3526 0626
F : [852] 3526 0086

Ivy Wu
T : [886] 2659 8958
F : [886] 2659 8956
