DDoS attacks are still a danger, even during the lull period

Memcaching might have gone away but beware the rise of Mirai clones.

Distributed Denial of Service (DDoS) attacks – where attackers seek to take down a website or application by flooding it with requests – may well be old, but they never go away.

There were around 7.5 million DDoS attacks in 2017. According to a recent report from Verisign, there was a 53% increase in the number of DDoS attacks between Q4 2017 and Q1 2018, as well as a 47% rise in the attack peak sizes. Akamai’s most recent report found a 16% year-on-year increase in DDoS attacks. And there could be even more dangerous DDoS attacks on the horizon.

“At the moment the focus [of cybercriminals] seems to be on quick and easy revenue generators; ransomware, bitcoin mining,” says Bharat Mistry, Principal Security Strategist at Trend Micro.  “But the fact that you've got those compromised devices means it could come back around [to DDoS].”

Reports of IoT botnets originally used in DDoS attacks being made to send email spam or mine cryptocurrency are not uncommon. But as soon as they become less profitable or a new technique comes to light, those botnets are likely to return to being drones in DDoS as a Service attacks.

“There's a cyclical trend where attackers will attack as they discover new mechanisms and methodologies then take a little bit of time to retool as some of the defenses for network capabilities catch up,” says Carlos Morales, VP Cloud and Managed Services at Arbor Networks.

He warns that we’re currently at a fallow period in terms of DDoS attacks, and most attackers are currently retooling and experimenting with new techniques before they attack again in earnest.

A recent example of this was an attack on ProtonMail. The secure email provider went down intermittently after a hacker group named Apophis Squad tested a new DDoS booter service the group is developing against it. The group told BleepingComputer ProtonMail was chosen as the target seemingly at random, but then targeted after the company's CTO Bart Butler baited the group online.

To continue reading this article register now