DDoS Attacks are up Because the Money is Easy
Counting on the ethics of an attacker is a very bad strategy for DDoS mitigation. Based on the analysis in Neustar’s 2017 Worldwide DDoS Attacks and Cyber Insights Research Report, you can expect the level of havoc raised by DDoS attackers to continue soaring.
Consider these statistics from Neustar’s DDoS Security Operations Center (pp. 34-36):
- Comparing Q1’17 to the same period in 2016, mitigations nearly doubled
- Attack volume was up even higher than last year
- Multi-vector attacks more than tripled
- Average size of attacks was higher
The rising bandwidth consumed by DDoS attacks is a sign that hackers have incredibly powerful tools, which gives them plenty of “firewood” to start five-alarm blazes all over the internet. The report shows that just 17% of attacks are under a gigabyte in size. About half (47%) are between 1 and 20 Gbps. And 28% are over 20 Gbps.
REPORTED BANDWIDTH OF DDOS ATTACKS (p. 11)
The tools enabling these monster attacks include malware and botnet code targeting DNS vectors, DNSSEC domains and complex TCP SYN flood attacks. With so many more resources that can be easily marshaled, both economically and electronically, it’s little wonder attacks have become more determined and more dangerous.
And there’s very little out there to discourage hackers from using these readily available tools. Many hackers operate in nation states that leave hackers alone – especially when the bad guys have threatened weak or non-existent law enforcement with swift retribution if anyone goes after the criminals. In essence, DDoS attackers are globally operating at will.
Many DDoS attacks are launched for easy money. We see this almost on a weekly basis worldwide. The DDoS attack is really used as a smokescreen to sneak into a network for other nefarious reasons. In 43% of the attacks, malware was activated (p. 22). And one of the most nefarious types of malware is ransomware, which occurred in 23% of attacks – it’s fallout is being experienced globally by all types of businesses. When ransomware strikes a target, the organization must pay electronic cash in exchange for unlocking its data. DDoS attacks are highly profitable.
In a way, the research shows that we’ve entered a new phase of DDoS attacks. Cyber criminals used to launch DDoS attacks simply for disruption and chaos as they crippled websites and stopped online commerce. Now the attackers are getting smarter, using DDoS to generate cash for their own coffers.
I hope you download our report here and study the data carefully. It should be an eye opener for your own organization, for it’s more important than ever before to strengthen your DDoS defenses. If you don’t, the result can truly be a disaster.