This year, the frequency of DDoS attacks has nearly tripled, according to security firm Akamai.
2015 saw some 1500 DDoS attacks – a 180 percent increase from last year. However, the average attack is shorter in length and lower in volume than in the past. The average DDoS attack lasted 18.86 hours, down from 22.36 hours in 2014.
“There are several variables as it relates to the customer posture with regard to always on versus on demand which allows for mitigation to be applied faster and in some instances more proactively; the other variable is that the actors seem to be doing more probing of the customer environment which means shorter attack duration to potentially identify vulnerabilities,” Lisa Beegle, information security manager for Akamai, told SCMagazine.com in an email.
The US and China are the sources of most attacks.
Recently, Anonymous claimed responsibility for a massive 40Gbps DDoS attack on Turkish DNS servers hosted under NIC.tr. The apparent motive is Turkey's alleged support for ISIS, the terrorist group.
Online gaming is the most targeted industry, with a 50 percent increase during the third quarter of the year. Incidents related to high-profile game releases, such as Call of Duty Black Ops, made online gaming the most targeted industry for more than a year, according to the report.
Who is behind DDoS attacks?
By nature, DDoS attacks are anonymous. Most of them use IP address spoofing to make the source of attacks almost impossible to identify.
Anyone can launch an attack within seconds: organized cyber-crime groups, state-sponsored hacking groups, a disgruntled student looking for revenge, a former employee searching for blackmail motives or a hacker trying to prank the educational system.
What’s more, an attack can be deployed by relatively unsophisticated attackers who pay for easily available, low-cost DDoS-for-hire services. Pre-packaged DDoS toolkits are also available for anyone with minimal know-how to use.
Sometimes, hackers use DDoS attacks as decoys to occupy security staff while they attack networks and steal data. While IT staff is tied up with the disruption, attackers can plant malware and prepare other types of attacks with more severe security implications.
How to prepare for a DDoS attack
Anyone can become a victim.
Unfortunately, DDoS attacks are extremely complex. Multiple layers of filtering are required to secure networks and web applications. Key preventative measures include using a cloud-based anti-DoS/DDoS service that routes suspicious traffic to a centralized location and filters out malicious traffic. Such a service absorbs a high volume of malicious traffic across a distributed network of servers to shield a company’s website and applications.
Good web-application hygiene (updates and patches) is also essential for defending against denial of service disruptions in 2016.