Mobile phones have long been on the radar for enterprises concerned about data loss and the spread of malicious code. But a report from the firm Prolexic suggests that they may also be taking part in massive denial of service (DoS) attacks against enterprise networks.
The firm Prolexic said that data it collected in the final quarter of 2013 suggests that mobile devices are playing a growing role in distributed DoS (or DDoS) attacks against the firm’s enterprise customers.
“Malicious actors now carry a powerful attack tool in the palm of their hands, which requires minimal skill to use,” said Stuart Scholly, president of Prolexic, in a statement.
[Read more Security Ledger coverage of Denial of Services Attacks.]
Infecting unwitting victims with a malicious program is a common method used by botnet operators whose platforms are behind many large-scaled DDoS attacks. But Scholly said that mobile devices and mobile DDoS applications like AnDOSid could allow malicious actors to electively join attacks, in a manner similar to the way supporters of the group Anonymous downloaded and ran that group’s Low Orbit Ion Cannon (LOIC) to carry out targeted attacks against online websites.
Mobile networks which use “super proxies” to manage traffic from millions of mobile devices can’t simply be blocked in the way that a rogue server or home computer that is sending malicious traffic can be blocked.
Rather than supplanting traditional sources of DDoS attacks, mobile devices are becoming just another vector for DDoS, Prolexic said in its report. The company has noted mobile DDoS traffic playing a “significant role” in attacks against a “global financial firm” in the fourth quarter. That traffic was linked to the AnDOSid application as well as a mobile version of LOIC, the company said.
The increasing use of mobile devices in DDoS attacks was one feature of a year that saw a sharp increase in both the number and intensity of denial of service attacks. Prolexic data revealed a 26 percent increase in total DDoS attacks in the fourth quarter 2013 compared with a year earlier. DDoS attacks were also longer (22.88 last quarter vs. 21.33 hours in the same quarter 2012) and much more powerful. Prolexic said it recorded a 48.04 percent increase in average peak attack bandwidth to 4.53 Gbps and a 151.21 percent increase in peak packets-per-second rate to 10.60 Mpps Analysis in Q4 2013 versus Q4 2012.