All these days we have been discussing Distributed Denial of Service attacks aka Ddos attacks and the massive amounts of fake traffic they create to network disruptions in corporate and government networks.
But Yo-Yo DDoS Attack is different and seems to be an innovative way to attack public cloud infrastructures. Technically, they target cloud architecture’s auto-scaling capabilities to hurt those allocated with a portion of blobs on a financial note. They target the cloud with fake web traffic, thus immensely pressuring the cloud resources such as load balancing, front end services and other cloud services. The hackers then halt the web traffic, keeping the cloud over-provisioning of resources intact that keeps the billing counter ringing. As the attacker downs and ups the traffic, and keeps repeating the cycle, hence it’s been named as a Yo-Yo attack.
Yo-Yo attacks are difficult to identify as a kind of resource provisioning demand can also arise from the legitimate application requests. And cyber crooks indulge in such tactics to damage SMBs that have limited cloud budgets and put a temporary or permanent financial dent on them.