Posted on November 21, 2017 at 3:10 PM
A recent report confirmed that companies experienced a 91% increase in DDoS since the start of the year.
The security firm Corero Network has recently released its report titled DDoS Trends and Analysis. This report confirmed that companies and firms fell victim to a monthly average of 237 DDoS attacks during the third quarter of the year. This figure translates to eight DDoS attacks daily. The latest figures indicate a 35% increase in monthly DDoS attempts compared with the second quarter of the year, and a 91% increase compared to the first quarter.
According to Corero Network Security’s report, the high increase in DDoS attempts and attacks have been encouraged by several factors. Some of the most notable factors include more DDoS attack service providers which are popping up on the darknet, a failure on the side of companies to implement proper DDoS protection protocols, as well as an increasing amount of unsecured devices with internet capabilities.
A recent example is the dangerous Reaper botnet malware. The attack managed to infect thousands of IoT devices and proved to be particularly damaging as the botnet could find security flaws in any device, and exploit the flaws on the unprotected device. The Reaper botnet is not unlike a traditional computer worm as it is capable of infiltrating unprotected devices, and uses the device’s network to spread to other devices.
According to Corero CEO, Ashley Stephenson, since DDoS attack service providers have become more active, people have readily been hiring the DDoS attackers to launch an attack on any target of their choosing. Stephenson continued to state that DDoS-for-hire service providers have removed a very important technical barrier from anyone who seeks to cause damage to a company. The service providers are enabling their clients to launch an attack on any target for as little as $100. In addition to this worrying new trend, hackers have become seemingly more aggressive when it comes infecting IoT devices. According to Stephenson, hackers are seeking to infect as many IoT devices as possible which would allow them to develop larger and more dangerous botnets. Stephenson warned that botnets of this scale could have damaging and chaotic implications.
However, the Corero report confirms that attacks are not only increasing in frequency, but also in complexity. According to the report, attackers are using much more sophisticated attack techniques which uses multiple entry attacks to bypass detection from the targeted firm. During the second quarter of the year, a fifth of DDoS attempts used a multiple attack technique. The thought process behind a multiple-attack-vector is that it’s more likely to be successful in both weakening the target’s DDoS protections and infiltrating the system.
However, according to Stephenson, despite the increase in DDoS attacks, they’re not the biggest threat to the cyber community. The most worrying aspect of DDoS attacks is that hackers are using multiple attacks to evade detection from the target’s DDoS protection, but also to mask malware that the attacker might be injecting the target’s network with.
In addition to the increase of DDoS attacks, Corero also noted an increase in ransom denial of service (RDoS) attacks, especially during the third quarter of 2017. The hacker group known as Phantom Squad targeted several companies located in the US, Europe, and Asia since the start of the third quarter with RDoS attacks. The group targeted several industries including, the financial and banking services providers, to internet providers, gaming services, as well as SaaS organizations, and launched an RDoS campaign which requested payment in Bitcoin.
According to Stephenson, ransomware is one of the cybercriminals’ signature moves, and since the dawn of cryptocurrency, it’s a been a reliable way to make a profit without detection. Stephenson stated that we might soon witness an increase in RDoS attack intensity as a way for hackers to demand to be taken more seriously. However, Stephenson warned that it is never in the company’s interest to pay the ransom, as it encourages future attacks. Instead, Stephenson suggested that affected users prevent any attacks by having sufficient RDoS and DDoS protections in place, and if infected, they should try to eliminate the threat rather than succumbing to it.