Major public events with an online presence — like political or IT conventions and sports championships — can be targets for criminals or attention-seekers, so CISOs don’t like to tip off potential attackers how they defend their networks.
However after the events sometimes vendors give a peek at what went on. That’s the case with Arbor Networks, whose denial of service mitigation products were used by last month’s 2016 Rio Olympic Games to help protect the IT infrastructure.
In a blog Wednesday the company said the network faced DDoS attacks leveraging an Internet of Things-based botnet before and during the Games of up to 540gb/sec at public-facing properties and organizations affiliated with the Olympics such as Brazilian banks and telcos.
“A large proportion of the attack volume consisted of UDP reflection/amplification attack vectors such as DNS, chargen, ntp, and SSDP, along with direct UDP packet-flooding, SYN-flooding, and application-layer attacks targeting Web and DNS services,” the company said.
The particular botnet used is called LizardStresser, the company outlined in a separate blog. The code for it was released last year by the developer(s), allowing others who want to make use of DDoS attacks....