3.8 Tb DDoS attack | MITRE AI incident reporting
#161 - Large scale DDoS attacks and a new initiative to collectively learn from AI incidents.
CloudFlare blocks a 3.8 Tb DDoS attack
How do the attacks get bigger and bigger?
3,800,000,000,000 bits of data.2,000,000,000 packets per second. This was the size of the DDoS attack. The biggest DDoS attack till date.
CloudFlare blocked it. Read this post to know more.
A DDoS attack requires enormous resources on the side of the attacker to launch and equally enormous resources on the side of the defender to protect. The gains are always temporary and sustained attacks rarely last more than a few days. Then why do these attack happen? And why are they increasing in size?
The first question is easy to answer. The attacks are meant to prove a point. They are a sort of show of strength. To answer the second question, we have to understand a bit more of how a DDoS attack works.
The main difference between DoS and DDoS is the ‘distributed’ part. Any Denial of Service attack works when you overwhelm the server or the bandwidth and deny legitimate requests. It is easy to figure out where a DoS attack is coming from and disallow traffic from that part. A DDoS attack comes from various sources and is more difficult to prevent. Most of the traffic comes from IoT devices that have been hacked and are now part of a bot army. The volume of DDoS attack increases because of the simple fact that there are many more IoT devices out there. Scratch that - many more insecure wireless devices.
The post goes on to define how CloudFlare counters DDoS attacks by their ‘Anycast Network’. It’s a good read for a cybersecurity professional.
Take Action:
If you have a public facing internet application that has a lot of retail users, you probably have some controls for DDoS volumetric attacks from the service provider. If you do not, evaluate the risk of facing this type of attack and explore if it is worth investing in such solutions. If you are a part of the nation’s critical infrastructure, you should be having a DDoS prevention system.
MITRE launches AI incident sharing initiative
Report your AI incident and get to know about others’ AI incidents.
We do not know the number or intensity of incidents that can occur because of AI risks. While AI risks have been documented and shared in initiatives like the MIT AI risk repository and the MITRE ATLAS, there was no initiative to have an incident repository for AI risks. This initiative by MITRE uses the STIX format for reporting.
Take Action:
Consider reporting AI incidents to the MITRE AI initiative. It will help build secure AI for the world!