Distributed denial of service attacks, better known as DDoS attacks, are becoming more and more common these days. Once the purview of mostly teenagers who sought refuge in random internet vandalism, DDoS attacks are now the preferred tool of hacktivists, professional cybercriminals and in some cases, even national governments.
The statistics speak for themselves. DDoS attacks are greater in number today, getting bigger all the time and causing more damage than ever before.
A10 Networks reports that a mere 10 percent of DDoS attacks in 2015 crossed the 50 gigabits per second size threshold. In 2017, that number was 42 percent. In another report by Deloitte Global, it says the largest DDoS attacks in 2013 were around 300 gigabits per second. That went up to 400 gigabits in 2014 while for 2015, the figure was well past 500 gigabits. This indicatesa progressive annual increase in the size of the largest attacks.2016 however saw a massive jump;there were two attacks that crossed the 1,000 gigabits mark.
What explains this exponential rise?
That is a question most websites and businesses have been grappling with for some time now. What’s definitely helping the cause is the easy availability of DDoS-as-a-service platforms and ready-to-go DDoS kits, which many budding attackers are using to execute their DDoS attacks. Another factor working to their advantage is the proliferation of the Internet of Things which is rendering millions of inadequately secured devices susceptible to botnets. Then there is also the decline of erstwhile money-spinners like spam that has forced botnet operators towards newer money-making avenues. To call it the perfect storm wouldn’t really be out of place.
Here we look some other reasons why DDoS attacks are on the rise and how you can combat it.
- A Surfeit of New Devices
It is the age when moredevices are getting on the internet bandwagon with each passing day. And these are not devices that we use once in a while but ones that we use every single day, and in some cases, every single hour of our lives. Examples include refrigerators, television sets, security cameras, printers, washing machines etc. A consequence of this is that security is usually compromised in favor of better connectivity and more convenience.
According to Tony Kourlas, who is the director of product marketing at Nokia’s Carrier SDNtechnology, “Most off-the-shelf devices are using standard kernels that are easy to hack into”. What makes matters worse is that “most are using default passwords.”He further said that puts millions of devices at the risk of being hacked into.
Similar sentiments were expressed by Chet Wisniewski, who is the principal research scientist at Sophos. “Our PCs, phones, and IoT devices are all so powerful that when commandeered by a criminal, we don’t even notice them slow down or use more internet bandwidth. This allows for the slow building of incredibly large botnets that are never remediated.”
In the end, this makes it very difficult to stop a DDoS attack when it is unleashed. Only the best DDoS protection can help keep your device or website afloat in such a scenario.
- Inadvertent Consequences
An unexpected side effect of the rise in DDoS attacks is that the growth of spam botnets has been checked. For those of you who use email on a daily basis, that is definitely good news. For spammers, spamming is no more as profitable and to compensate for lost revenue, the focus has shifted towards delivering ransomware. The problem here is that those very botnets could also be used to deliver DDoS attacks.
- More Botnets Means More Victims
As botnets have grown bigger, cybercriminals are not just increasing the size of their DDoS attacks but also widening the scope of their targets. Most major IT companies around the world have experienced some sort of DDoS attacks. In fact, some companies have fallen victims even when they were not targeted directly.
That is because hackers have also started attacking DNS providers. Even a single attack has the ability to bring down several different websites. A recent case of an attack against DNS provider Dyn affected major companies like Twitter, Spotify, The New York Times, and Reddit, among others. In short, any entity or business that depends on their servers or website to conduct day to day business is a possible target of DDoS attacks.
The case for DDoS protection
The threat of a DDoS attack can be mitigated to a great extent by availing of a DDoS protection service. As can be seen from the abovementioned figures, these attacks are here to stay and are surely going to go up in frequency as well as magnitude in the near future. If your business or organization is irreversibly dependent on your website for its survival, hiring the services of a DDoS protection company might just come to your rescue in the worst case scenario.