DDoS attacks in 2017 show that anyone can be both cyber-criminal and cyber-victim
Numerous reports have showcased the rise of Distributed Denial of Service (DDoS) attacks during 2017. As we now embrace a new year, it is useful to look back and take note of the growing scale and changing nature of DDoS attacks, so that businesses of all sizes can plan their defences against this form of cyber-crime for 2018.
This is according to Arbor Network’s territory manager for sub-Saharan Africa, Bryan Hamman, who says, “Cyber-criminals are aware of the significantly increased reliance on the internet today in doing business. This means that if a company’s access to the internet can be taken down, the company will be negatively affected. DDoS threats have become much more sophisticated and commonplace as cyber-criminals seek to find new ways to wreak havoc and gain an advantage.”
During 2017, the growing availability of ‘DDoS-for-hire services’ played a role in causing a dramatic explosion of attacks. This development meant that, in terms of both technical competence and price, almost anyone could choose to systematically attack and attempt to take down a company for less than $100. These DDoS-for-hire services mean that the ‘client’ requires very little knowledge of coding in order to become a DDoS threat to a target.
Hamman notes that, while the costs of launching a DDoS attack have been potentially massively reduced, the costs incurred by the victims for reputational damage and lost revenue – for example, an online store that is taken offline – remain significant. He says, “The use of malware turns devices, including IoT devices, into becoming an unwitting part of a botnet army, in other words a network of private computers infected with malicious software and controlled as a group without the owners' knowledge. When a botnet army reaches a certain size, it is used to launch DDoS attacks on networks. The attacks will be turned off and the network allowed to function normally again, in return for a ransom paid in Bitcoin payments.”
The threat landscape during 2017 recorded some of the following sinister facts:
· One-third (33 percent) of organisations surveyed in 29 countries reported facing a DDoS attack in 2017 – which is up from only 17 percent in 2016. Over half of these businesses were SMEs.
· In addition to the rising trend of DDoS-for-hire services, we are also starting to see another trend of an attacker race to infect vulnerable devices, to try to effectively prevent other attackers from taking over a target.
· Although large-scale DDoS attacks make global news headlines, an equally sinister threat lies in the less-reported but more frequent modest-sized, short-duration DDoS attacks, which typically last as little as 10 minutes or less.
· We have also seen DDoS attacks being used to distract security personnel, allowing hackers to penetrate a network and to plant ransomware or malware.
Hamman concludes, “In today’s threat landscape, it is critical to have a DDoS defence response plan, which is kept updated and rehearsed on a regular basis. The allure of data means that it is no longer large enterprises that can expect to be the primary targets of a DDoS attack – anyone is vulnerable, no matter the size of the company. As with the theft of items in the physical world, if someone of ill intent thinks that you have something of value that is worth stealing, you can expect to be a target. The rise of DDoS-for-hire services has shown us that today, anyone can be a target and almost anyone can choose to put themselves in the role of the villain.”