25
August
2021
Security Scene: August 2021 Edition
By Adair Thaxton, Internet2 Cyberinfrastructure Security Engineer
Estimated reading time: 2 minutes
Ah, the students are returning. This is why we do what we do, right? For the chaos? Our lives would be so boring without them around!
Qrator posted a quarterly analysis of DDoS and BGP attacks. The majority of DDoS attacks were UDP-based, and the median attack time was 270 seconds, or about four and a half minutes. This was slightly longer than last quarter, but still fairly short overall.
More than a third of the attacks were at least 10Gbps. On the BGP side, there was a jump in the number of hijacking ASes, while the number of ASes leaking routes stayed fairly consistent. That being said, there were almost 10 million BGP route leaks in Q2.
Brian Krebs reports that hackers are now offering to pay employees to deploy malware inside their work networks. This is pretty scary if they extend these efforts into R&E networks — students always need money, and this is probably easier than donating plasma.
An engineer from APNIC set up a test environment to learn more about RPKI. He used familiar tools such as eve-ng, Krill, and rpki-client in his efforts. This is a really good explanation and exploration of the technologies we hope everyone is becoming more familiar with!
Best of luck with move-in and the start of school, everyone!