vice (DDoS) attacks is an important step toward preventing them. But understanding exactly what attracts a DDoS attack to your website is critical because that motivation is a vital clue for effective mitigation.

Neustar’s 2017 Worldwide DDoS Attacks and Cyber Insights Research Report peels back the onion skin to reveal where attackers are focusing their attention, and why.

Everyone is familiar with the most common byproduct of a DDoS attack: it shuts down a website and prevents anyone from gaining access.

But our research discovered in half of all attacks, the assault was a smokescreen. It covered malicious activities while hackers pierced the business’s network, planted malware or stole data. Specific malicious activities occurring during DDoS attacks included (p.22):

As you can see, DDoS has evolved beyond those assaults that simply wish to create disruption or embarrassment to a business. Far more often, in nearly half the organizations that report being attacked, DDoS attacks are used as part of an arsenal to achieve serious objectives. Large attacks make the headlines. Attacks used in concert with other malicious cyber assaults create major damage.

Some DDoS attacks entail both objectives of damage and interruption. The reasons for particular risks vary from sector to sector. For example, an attack may hit a retailer in order to cripple online sales, or strike a bank to stop electronic transactions. For a biotech business, a DDoS attack might be used as cover for stealing intellectual property stored on the network. Or the attack may seek to stall online sales while stealing payment card data.

Every business entity is at some kind of risk. So it’s essential to understand what kind of exposure makes your organization an attractive target for a DDoS attack.

Motivation for attacks may include ideology. For example, an environmentalist might seek to cripple the website of a company it perceives as a polluter or abuser of natural resources. A political activist might lash out at a city, state or federal government it perceives as abusing human rights. The payoff is news headlines that call attention to the perceived abuses and resulting chaos for the target organization.

Theft and illegal profit are often strong motivations for using DDoS attacks because they work. Malware can exist in organizations for months before being detected. Using DDoS attacks to paralyze elements of infrastructure or to create distractions while malware is activated is lucrative business to bad actors. This category is climbing in popularity as attackers discover how easy it is to generate quick cash.

I urge you to download the report here and study the data. The better you understand your organization’s specific, unique vulnerabilities, the more you will be able to plan for an effective DDoS solution that will keep your website safe and online.