July 18, 2022
Can cell phones be the source of DDoS attacks?
A distributed denial of service (DDoS) attack can cripple a company’s servers and network, leading to a major loss of productivity and revenue. Cyber security experts around the world have started to notice that these attacks are no longer being initiated from laptops and computers. Personal gadgets, such as cell phones and tablets, are now being used as the source of DDoS attacks too.
Many of these threats have been launched by mobile botnets that are unwittingly installed on the devices by the users. These malicious botnets are often disguised as normal applications, but once installed, they begin the DDoS attack. This not only compromises the cell phone but also any business website or network to which that device is linked or targeting.
SEACOM Business offers a comprehensive solution against these types of threats. Our DDoS Protect service is a fully managed and automated solution that is continuously backed by global threat intelligence. We provide on-premise, in-cloud or hybrid prevention, mitigation and reporting, in real-time - solving a number of DDoS-related issues.
Cell phones increasingly being targeted by DDoS attacks
Cyber security experts estimate that around 500 000 cell phones have been the source of DDoS attacks in the past few months alone. This means that the threat posed to personal mobile devices is just as serious as that posed to company IT networks. These new-generation botnets are proof that hackers are upgrading their techniques to gain a more effective outcome.
They usually launch DDoS attacks to cripple a company’s network or website. By inundating the servers with fake traffic, the entire system crashes. This prevents employees and customers from accessing the company’s website, network, e-commerce store or mobile application. The result is a major loss in revenue and productivity.
Features of a mobile botnet DDoS attack
Recent statistics have revealed that around 60% of affected devices run on the Android operating system, with 40% being iOS devices. In a single second, there can be millions of requests per second (QPS) sent to a company network by infected mobile devices. These cell phones essentially become the source of an attack on a business.
The statistics also show that mobile DDoS attacks have come from over 160 countries across the world, including Kenya and neighbouring countries. It is important for East African enterprises to take the necessary steps to protect their servers, websites and digital systems. No large company is immune to DDoS attacks, especially now that cell phones can be used to launch these threats.
Traditional mitigation techniques are no longer good enough
Usually, rate-limiting and blacklisting are effective ways to minimise fake requests coming from the DDoS source. However, now that mobile devices are being used, the sources become far more omnipresent. This results in a larger number of sources of DDoS traffic, spread over a bigger geographical area.
Even though the traffic request frequency of a single infected phone is low, the aggregated number of requests can be more than an attack launched from computers. An attacker can use this to their advantage by not triggering the per-device rate limit on a server.
Enterprises can longer solely rely on rate limiting and blacklisting to protect their networks from attacks. What is needed is an intelligent DDoS protection system that uses machine learning to automate responses and update its protocols. For more information or to get a quote for our DDoS Protect solution, email us at marketing@seacom.com or leave us a message.
SEACOM owns Africa’s largest network of information and communications technology (ICT) infrastructure, including fibre optic networks and subsea cables. We offer a wide range of industry-leading scalable ICT solutions for large companies that operate throughout the region.
SEACOM is privately owned - making it adaptable to the needs of the client. We are the preferred ICT and internet connectivity supplier for African enterprises. We can guarantee fast, reliable and secure internet and networking services at affordable prices.
For more information on these solutions, follow us on LinkedIn, Facebook or Twitter. Keep an eye on our news section for industry news and announcements on African ICT, internet connectivity, cloud services and security solutions.