Kaspersky Lab: DDoS Attacks Are Getting Smarter and More Widespread
Security firm Kaspersky Lab says that distributed denial of service attacks—which overwhelm servers with data requests to take them down—are becoming geographically more widespread. Its analysis shows that 86 countries were hit by the attacks in the second quarter of 2017, up from 72 in the first quarter. And it saw some long attacks take place, too—the longest being sustained for an impressive 11 days.
Not only were the duration of DDoS attacks in Q2 notable, the geography of incidents also showed a dramatic change, with organizations with online resources located in 86 countries targeted, compared to 72 countries in Q1. The top 10 most affected countries were China, South Korea, U.S., Hong Kong, U.K., Russia, Italy, the Netherlands, Canada and France — with Italy and the Netherlands replacing Vietnam and Denmark that were among the top targets in Q1.
During this timeframe, the targets of DDoS attacks included one of the largest news agencies, Al Jazeera, Le Monde and Figaro newspaper websites and reportedly, Skype servers. Additionally, an increase in cryptocurrency rates led to cybercriminals trying to manipulate prices through DDoS. Bitfinex, the largest Bitcoin trading exchange, was attacked simultaneously with the launch of trading in a new cryptocurrency called IOTA token. Earlier, the BTC-E exchange reported a slowdown due to a powerful DDoS attack.
Meanwhile, analysis by consultancy firm Frost and Sullivan suggests that hackers are getting wise to tools used to spot and shut down the attacks, and are now modifying their hacks accordingly. “Traditional DDoS detection tools that rely on baselines and sampling require time to accurately diagnose an attack in progress before starting the mitigation process. [So some] attackers are utilizing ‘hit-and-run’ style attacks, lasting only a few minutes, in order to defeat time-dependent defenses,” Frost & Sullivan’s network security analyst, Chris Rodriguez, explained in a statement.
Many of these DDoS attacks are carried out using growing groups of enslaved Internet-connected devices, known as botnets of things, which are used to bombard servers with requests. President Donald Trump has called for a crackdown on the zombie hardware armies, but it’s not clear if his plans will work.