As part of its effort to stem the ever-growing flow of DDoS attacks, the FBI is asking corporate victims to share details of incidents. The kind of information they are looking for includes the attackers’ traffic protocols, IP, email and cryptocurrency wallet addresses, netflow and packet capture logs; plus the exact nature of the demands made and details of any losses suffered by the victim.
The FBI is particularly concerned about the increase in availability of booter and stresser services. They are sold to criminals on black market forums but are also available freely on legitimate sites which offer the tools for network testing – though many unfortunately fail to request proof of authorisation from would-be buyers. These services facilitate DDoS attacks as they allow for fairly inexperienced individuals to run effective campaigns with minimal know-how and at increasingly cheap prices.
The FBI has also urged both manufactures and users to tighten up their security standards and practices, including prompt installation of updates and patches, regular alteration of passwords and user names, and establishing IoT devices on a protected network.