- Distributed Denial of Service (DDoS) attacks have evolved and become more frequent.
- This is particularly true for Q1 2020, which, according to a Kaspersky report, saw a significant increase in DDoS attacks, both in quantity and quality.
Distributed Denial of Service (DDoS) attacks have evolved and become more frequent. This is particularly true for Q1 2020, which, according to a Kaspersky report, saw a significant increase in DDoS attacks, both in quantity and quality.
The sharp rise has seen educational platforms, medical organizations, delivery services, and gaming websites targeted by attackers. The pandemic has also left its mark on cryptocurrencies with OKEx and Bitfinex suffering DDoS attacks and consequently dealing with system overloads on their servers.
Although it is typical for the first quarter of every year to experience a rise in DDoS attacks, rates have surged by 50% in comparison to Q4 of 2019. Since this time last year, DDoS attacks have risen by as much as 80%.
According to the Organisation for Economic Co-operation and Development,
“Cybercriminals are counting on the likelihood that individuals and organisations will more easily fall for scams or pay ransoms in periods of stress and crisis, in particular those who lack good digital security practices or face organisational disruptions. However, as their attack techniques and malicious code are not new, the application of basic digital security “hygiene” is an effective way to mitigate these attacks.”
How Long Will DDoS Last?
One of the most notable attacks that occurred during the coronavirus lockdown targeted the US Department of Health and Human Services. In an attempt to weigh down the servers, the attack lasted several hours. This comes with another trend recorded by Kaspersky in Q1 2020, which shows that attacks have increased in duration by 25%.
“Outage of internet services can be especially challenging for businesses now, because this is often the only way to make goods and services available to their customers. In addition, widespread adoption of remote working opens new vectors for those responsible for carrying out DDoS attacks. Previously most attacks were conducted against the public-facing resources of companies.
We now see that DDoS attacks target internal infrastructure elements, for example, corporate VPN gateways or email servers,” says Alexey Kiselev, business development manager on the Kaspersky DDoS Protection team.
The Shift in DDoS Attacks
Those most targeted by cybercriminals, according to Kaspersky, include government agencies, administrative domains, educational systems, as well as shopping platforms. Users are increasingly relying on COVID-19 guidance sources, home-working tools, and e-commerce websites, consequently making those tools and platforms more at risk.
The Driz Group reports, “In addition, last March, with the spike of online shopping due to COVID-19, RiskIQ reported that it detected a 30% increase in Magecart skimmers – a type of cyberattack that involves digital credit card theft by skimming online payment forms.”
The cost of DDoS attacks is estimated to be around $500 billion, with experts claiming that approximately 50 million attacks go undetected each year. Preventing and protecting against DDoS attacks requires not only automation technology but also human intelligence and constant monitoring if your company website.
One misconception regarding DDoS attacks is that your internet service provider (ISP) can protect you from an attack. This is because many providers are offering DDoS protection as part of their service to increase customer retention.
Unfortunately, ISPs, for the most part, lack the technology and the expertise to do so. This ensures that the most basic and most cost-effective protection made available to customers. Users believe that they’re protected against the latest attacks, including dynamic IP attacks, burst attacks, DDoS floods, and application DDoS attacks, when in reality, they’re not.
Many organizations also rely heavily on public cloud vendor security tools. Once again, this is basic level protection, which is especially true when it comes to DDoS attacks. Furthermore, these tools will typically only protect the data that is hosted on that particular cloud environment, leaving other assets vulnerable.
Understanding the fundamentals of how a DDoS attack works is essential in preventing it from happening to you. However, the best form of protection comes in the form of multi-layered cloud security, monitored by experienced professionals.
DDoS Protection in 2020 is Essential
Businesses are increasingly moving to digital platforms now, more than ever before, which comes with its own set of threats.
DDoS attacks are on the rise, as is evident by the statistics provided by numerous reports. The unique issue with DDoS protection is that it varies by network, technology, and service.
This is why it is vital to invest in a DDoS protection service, which does beyond basic protection.