Vulnerable IoT devices and DDoS-as-a-service drive surge in attacks
British businesses are under siege from a growing wave of DDoS attacks, as new figures reveal the number of incidents has almost doubled over the past six months.
UK organisations suffered an average of 237 DDoS attacks per month during Q3 2017, equivalent to eight attacks every single day. This figure is up by 35% from the previous quarter, and more than 90% compared to Q1 2017, according to a new report from DDoS mitigation firm Corero, based on data gathered from attack attempts against its customers.
DDoS attacks work by flooding a target server with so much traffic that it falls over, disrupting normal operations and knocking any related systems or services offline. The tactic is a perennial favourite of cyber criminals and malicious pranksters, as it is cheap and easy to execute.
This has become even more true in recent years. The leaking of the Mirai source code, used to take down a DNS firm providing access to high profile sites like Twitter, has led to an explosion in botnets populated by thousands of unsecured IoT devices, and dark web marketplaces now allow non-technical users to cheaply hire DDoS services that can be directed against whomever they choose.
“The growing availability of DDoS-for-hire services is causing an explosion of attacks,” said Corero CEO Ashley Stephenson, “and puts anyone and everyone into the crosshairs. These services have lowered the barriers to entry in terms of both technical competence and price, allowing anyone to systematically attack and attempt to take down a company for less than $100.”
Cyber criminals are also getting smarter about how they deploy DDoS attacks, the research reveals. Rather than simply using sustained, high-volume attacks, criminals are instead targeting multiple layers of a company’s security simultaneously with short bursts of traffic.
“Despite the industry fascination with large scale, internet-crippling DDoS attacks,” said Stephenson, “the reality is that they don’t represent the biggest threat posed by DDoS attacks today.”
“Often lasting just a few minutes, these quick-fire attacks evade security teams and can sometimes be accompanied by malware and other data exfiltration threats. We believe they are often used in conjunction with other cyber attacks, and organisations that miss them do so at their peril.”