DDoS attacks experiencing major resurgence

The most discussed topics in cybersecurity tend to be things like ransomware, cryptojacking, and data breaches. One topic that has faded from the forefront is distributed denial of service (DDoS) attacks. While they still occur, many researchers saw a noticeable lull in their activity compared to a couple of years ago. According to new research, however, this is no longer the case, as DDoS attacks are suddenly on the upswing.

The research comes from Kaspersky Lab’s report, DDoS Attacks in Q1 2019, which details numerous statistics about the well-known cyberattack method. According to the report, DDoS attacks saw an 84 percent increase in the first quarter of 2019 compared with Q4 2018. One reason for this appears to be a sudden uptick in new services and botnets that allow for massive DDoS operations.

Some of the new DDoS culprits mentioned in the report include Cayosin, a botnet that is “assembled from elements of Qbot, Mirai, and other publicly available malware.” Additionally, there is strong evidence that a new variant of the infamous Mirai botnet is currently in the wild. This version of Mirai is specifically set up to attack business devices and appears to be incredibly complex.

This is only one part of the reason for the rise in DDoS attacks, however, as the Q1 report from Kaspersky also shows the following data:

“The maximum attack duration decreased by more than a day against the previous quarter, although the percentage share of sustained DDoS sessions continued to rise and amounted to 21.34 percent (versus 16.66 percent in Q4 2018)... The share of SYN flooding increased to 84 percent, bringing down the share of UDP and TCP flood, while the share of HTTP and ICMP attacks rose to 3.3 percent and 0.6 percent, respectively... The share of Linux botnets decreased slightly, but still remains predominant (95.71 percent)... Most botnet C&C servers are still located in the US (34.10 percent), with the Netherlands in second place (12.72 percent), and Russia in third (10.40 percent).”

According to an article on the report by InfoSecurity’s acting editor Michael Hill, cybercriminals adopting new strategies also caused the rise. In an interview conducted for the article, Kaspersky Lab’s Alexey Kiselev stated the following:

“New DDoS services appear to have replaced ones shut down by law enforcement agencies. As organizations implement basic countermeasures, attackers target them with long-lasting attacks. It is difficult to say if the number of attacks will continue to grow, but their complexity is showing no signs of slowing down.”

While it is unknown what the future holds for this cyberattack methodology, it would be foolish for security teams to ignore this data. Any increase in specific attacks should be cause for concern and should prompt blue teams in particular to prepare their defenses accordingly.


Derek Kortepeter

Derek Kortepeter is a graduate of UCLA and a tech journalist who is committed to creating an informed society with regard to information security. Kortepeter specializes in areas such as penetration testing, cryptography, cyber warfare, and governmental InfoSec policy.
