The NCCC has discovered a new type of DDoS attack used to block networks of communication providers

Deputy Secretary of the National Security and Defense Council of Ukraine Serhiy Demedyuk reported that employees of the National Coordination Center for Cybersecurity at the National Security and Defense Council of Ukraine recorded the first attempts of a new type of DDoS attacks at the earliest stage.

“Already then, we realized the severity of the threat – in just a few days, hackers successfully attacked dozens of providers around the world, including Ukraine. An analysis of the data we collected showed that most of the early-stage incidents were only a preparation for a major coordinated attack aimed at blocking access to Internet segments globally. Therefore, we immediately warned Ukrainian providers, relevant cybersecurity actors and foreign partners about the threat and provided recommendations on how to respond to such attacks”, - Mr. Demedyuk said.

Subsequently, this forecast of the NCCC was confirmed – in June 2020, one of the DDOS attacks of a new type became the largest in history, reaching a value of almost 780 Gbps. It was the reason for the short-term (about 30 minutes) disconnection of 15% of the world’s Internet and a number of backbone providers.

The source of this type of attack is a network of compromised “smart home” (IoT) devices. In most cases, access to these devices was obtained by cracking standard passwords. The attackers gained access to remote control and then attacked.

“The peculiarity of these attacks is the focus directly on the providers’ infrastructure. Therefore, if it is successfully implemented, the entire national segment of the Internet is under threat”, - the Deputy NSDC noticed adding that almost 10000 devices that could potentially be used for such DDoS attacks were detected in Ukraine.

According to Mr. Demedyuk, this number is enough to disconnect the entire country from the network during the attack. The situation is complicated by the lack of means of rapid response without losing some vital services, including the transfer of video content, Internet telephony and others.

Experts of the National Coordination Center for Cybersecurity reiterate the importance of using strong passwords in any system and device connected to the Internet.

If an attack is detected, one should record the traffic for further investigation and notify the NCCC at: report@ncscc.gov.ua or by phone +380 44 255-07-46.

Experts of the National Coordination Center for Cybersecurity are ready to assist in responding to any cyberattacks.