DDoS attacks on the rise: Error 404, page not found
DDoS attacks on the rise: Error 404, page not found
DDoS attacks on the rise: Error 404, page not found
- Author:
- March 20, 2023
Distributed denial-of-service (DDoS) attacks, which involve flooding servers with requests for access until they are slowed down or taken offline, have increased in recent years. This development is accompanied by an increase in ransom demands from cybercriminals to stop an attack or not conduct one in the first place.
DDoS attacks on the rise context
Ransom DDoS assaults increased by almost a third between 2020 and 2021 and increased 175 percent in the final quarter of 2021 compared to the previous quarter, according to content delivery network Cloudflare. Based on the company’s survey, just over one in five DDoS assaults were followed by a ransom note from the attacker in 2021. In December 2021, when online stores are busiest during the run-up to Christmas, one-third of respondents said they had received a ransom letter due to a DDoS attack. Meanwhile, according to a recent report from cybersolutions company Kaspersky Lab, the number of DDoS attacks increased by 150 percent in the first quarter of 2022 compared to the same period in 2021.
There are several reasons why DDoS attacks are on the rise, but the most significant is the increasing availability of botnets—a collection of compromised devices used to send illegitimate traffic. In addition, there is a growing number of devices connected to the Internet of Things (IoT), making it easier for these botnets to access. Distributed denial-of-service attacks are also becoming complex and harder to prevent or even detect until it’s too late. Cybercriminals can target specific vulnerabilities in a company’s system or network to maximize the impact of their attack.
Disruptive impact
Distributed denial-of-service attacks can have disastrous consequences for organizations. The most obvious is a disruption to services, which can range from a slight slowdown in performance to a complete shutdown of the affected systems. For critical infrastructures like telecoms and the Internet, this is unthinkable. Information security (infosec) experts found that global DDoS attacks on networks surged since the beginning of Russia’s invasion of Ukraine in February 2022. From March to April 2022, worldwide Internet monitoring firm NetBlocks has tracked service assaults on Ukraine’s Internet and identified regions that have been heavily targeted, including outages. Pro-Russian cyber groups have been increasingly targeting the UK, Italy, Romania, and the US, while pro-Ukraine groups have retaliated against Russia and Belarus. However, according to Kaspersky’s report, the targets of DDoS attacks have shifted from government and critical infrastructure to commercial entities. In addition to the rise in frequency and severity, there has also been a change in the preferred DDoS attack. The most common type is now SYN flooding, where a hacker quickly starts connecting to a server without pushing through (half-open attack).
Cloudflare found that the largest DDoS attack ever recorded took place in June 2022. The assault was directed at a website, which was flooded by over 26 million requests per second. While DDoS attacks are often seen as inconvenient or annoying, they can have serious consequences for the targeted businesses and organizations. Columbia Wireless, a Canadian Internet service provider (ISP), lost 25 percent of its business due to a DDoS attack in early May 2022. Organizations have several options to protect themselves from DDoS attacks. The first is deploying Internet Protocol (IP) stresser services, which are designed to test the bandwidth capabilities of an organization and can identify any potential weakness that could be exploited. Firms can also employ a DDoS mitigation service that deters traffic from the affected systems and can help minimize the impact of an attack.
Implications of DDoS attacks on the rise
Widers implications of DDoS attacks on the rise may include:
- The increased frequency and severity attacks during the mid-2020s, especially as the Russia-Ukraine war intensifies, including more government and commercial targets designed to disrupt critical services.
- Companies investing large budgets into cybersecurity solutions and partnering with cloud-based vendors for backup servers.
- Users experiencing more disruptions when they access services and products online, particularly during shopping holidays and particularly in e-commerce stores targeted by ransom DDoS cybercriminals.
- Government defense agencies partnering with domestic technology firms to boost national cybersecurity standards and infrastructure.
- More employment opportunities within the infosec industry as talent within this sector becomes more in demand.
Questions to consider
- Has your company experienced a DDoS attack?
- How else can companies prevent these attacks on their servers?
Insight references
The following popular and institutional links were referenced for this insight: