It was one of the biggest technology stories of 2019. Distributed denial-of-service (DDoS) attacks crippled several South African Internet service providers this year. Now the industry is fighting back.
The administrators of the Johannesburg, Cape Town and Durban Internet exchanges — known as Jinx, Cinx and Dinx — said they are “taking firm and co-ordinated action to join the global fight against DDoS attacks by created a ‘black hole’ that will funnel identified DDoS traffic passing through the exchange points into oblivion”.
Fibre broadband ISP Cool Ideas was one of the worst affected by the DDoS attacks, with users unable to access websites and other Internet services, sometimes for days on end, as a result of the flood of junk traffic.
Hackers use multiple compromised computer systems as attack launchpads to prevent regular Internet traffic from arriving at its desired destination, Halse explained. “Each infected connected device becomes a ‘bot’ that is linked up to other bots, creating a coordinated, remote-controlled ‘botnet’.”“The South African Internet will be better protected against DDoS attacks during the course of 2020 as local ISPs peering at Jinx, Cinx and Dinx begin directing malicious traffic down a defensive black hole,” said Guy Halse, co-chairman of the Internet Service Providers’ Association (Ispa), in a statement on Monday.
“Victim websites are targeted by the botnet which transmits an overwhelming number of requests to the victim’s Internet protocol address, resulting in a distributed denial of service to normal Web traffic. Each bot is a legitimate Internet device, which means separating the attack traffic from normal traffic is a challenge.”
There is often a link to a ransom or some other illegitimate demand or purpose, such as targeting media houses or government entities.
“DDoS attacks are a clear threat to the entire South African Internet ecosystem and Ispa and its partners will continue to tackle this particular challenge with renewed vigour in 2020,” Halse said.