Compared to Q3 2020, the total number of Distributed Denial of Service (DDoS) attacks increased nearly 24%, while the total number of smart attacks (more advanced and targeted DDoS attacks) increased 31% over the same period last year.
Some of the hardest hit targets have been pandemic coping tools, government organizations, game developers and well-known cybersecurity publications. DDoS attacks, or Distributed Denial of Service, aim to overload a network server with constant requests for services in order to block it and prevent users from accessing. This type of attack can cause severe business disruptions that can last anywhere from a few minutes to several days. Then there are “smart” DDoS attacks, which are even more sophisticated and targeted, and can be used not only to interrupt services, but also to make certain resources inaccessible or to
steal money.
In the third quarter of 2021, both types of attacks increased. Compared to the third quarter of 2020, the total number of DDoS attacks increased by 24%, while the overall number of “smart” attacks grew by 31%. Even looking at the second quarter of 2021, there is an increase in both types of attacks. The highest percentages of resources attacked were found in the United States (40.8%), followed by Hong Kong and China
continental. Finally, in August, Kaspersky recorded a record number of DDoS attacks occurring in a single day: 8,825.
Some of the most important large-scale DDoS attacks spotted in the last quarter involved a powerful new botnet called Mēris, which is capable of sending a huge number of requests per second. This botnet was detected in attacks against two of the best-known cybersecurity publications: Krebs on Security and InfoSecurity Magazine.
Additionally, further trends for DDoS attacks were noted in the third quarter of 2021. Particularly,
In Europe and Asia, some politically motivated attacks and others targeting developers of
video games. In several countries, attackers have targeted a variety of resources aimed at fighting the
pandemic; in addition, in Canada, the United States and the United Kingdom, there have also been registered
ransomware attacks against telecom providers. Cybercriminals showed up
as members of the REvil ransomware group and downed the companies’ servers for
force them to pay a ransom.
Kaspersky researchers also witnessed a very unusual DDoS attack at a state university that lasted for several days. While attacks on educational resources are not uncommon, this has been particularly sophisticated. The attackers targeted the accounts of candidates at a state university, and chose an attack vector that made the resource completely unavailable. The attack continued even after the filtering processes began, which rarely happens.
“Over the past two years, we have seen a competition between cryptomining and DDoS attack groups for resources, as many of the same botnets used for DDoS attacks can also be used for cryptomining. While before we saw a decline in DDoS attacks and cryptocurrency gaining value, today we are seeing a redistribution of resources. DDoS resources are in high demand and attacks are profitable. We expect the number of DDoS attacks to continue to increase in the fourth quarter as well, especially as, historically, DDoS attacks tend to increase towards the end of the year “, he has
commented Alexander Gutnikov, Kaspersky security expert.
You can find out more about DDoS attacks in the third quarter of 2021 on Securelist.
To protect yourself from DDoS attacks, Kaspersky experts recommend:
– Protect web resource operations with specialists who know how to respond to attacks
DDo;
– Verify all third party agreements and contact information, including those entered into with i
internet service provider, so that teams can quickly access these
information in the event of an attack;
– Implement professional solutions to safeguard your organization from attacks
DDoS. For example, Kaspersky DDoS Protection combines Kaspersky’s experience in the fight
cyber threats and the company’s unique internal developments;
– Know your traffic, and use network and application monitoring tools
to identify trends. Understand the typical traffic patterns and characteristics of
your company helps establish a foundation to more easily identify which unusual activities
they could indicate a DDoS attack;
– Prepare a plan B for ready defense, in order to be able to restore
business-critical services quickly in the face of a DDoS attack.