Posted on June 25, 2019 at 2:48 PM
DDoS-as-a-Service Websites Returning in 2019: Did the FBI Crackdown Only Delay the Inevitable?
DDoS attacks are one of the most damaging forms of cyberattacks. These attacks use massive botnets to target all kinds of websites, online services, and alike. In recent years, a trend of DDoS-for-hire websites emerged, where anyone could employ a botnet for conducting their own attacks or pay hackers to do it for them. The trend became so big that the FBI itself reacted, entering a collaboration with numerous other agencies around the world to conduct a major crackdown.
The crackdown resulted in closing multiple such websites, numerous arrests, and was considered a major success that crippled the DDoS-as-a-service trend. However, it would seem that the victory did not last for very long, as these websites started making a comeback in 2019, at least according to a recent Nexusguard Threat Report, called “Q1 2019 Threat Report.”
The return of DDoS-for-hire websites
The FBI crackdown happened in Q4 2018, and while many believed that DDoS attacks would diminish as a result — whether because of the reduced number of DDoS-for-hire websites or because others might lay low in fear of suffering the same fate — this did not happen. In fact, it appears that their volume surged by 40 times compared to the previous quarter. This makes DDoS one of the largest threats in 2019 as well.
Nexusguard’s Threat Report measured thousands of DDoS attacks worldwide. The measuring uncovered that DNS amplification attacks were mostly used against telcos and CSPs in Brazil, at least as far as this quarter is concerned. One of the most notable targets was one of South America’s largest banks, with over 17% of attacks being used against it.
These attacks are also known as ‘Bit and piece’ type of attacks, due to them being smaller than 1 Gbps. However, they are still quite dangerous and damaging, and since the start of 2019, experts have noticed that they are becoming more targeted and automated. Not only that, but they even managed to bypass detection in a great number of cases.
Since the attacks are evolving, researchers from Nexusguard warned CSPs, stating that they have to approach the attacks with a cloud-based, scalable DDoS detection and mitigation. This is the best way to reduce the amount of damage that the attacks can cause. If they do not address the attacks appropriately, they could fall victim to them, and even pass on malicious traffic, which could result in the customers’ confidence in their safety dropping.
The attacks are evolving
Apart from the surge in DDoS attack services themselves, researchers have also noted a surge in the number of connected devices. It is clear that hackers are doubling their campaigns. This was also confirmed by Nexusguard’s CTO, Juniman Kasman, who said that it does not seem like DDoS campaigns will stop being a threat to organizations. In other words, businesses are the ones who will have to change, and make sure that their protections evolve in order to stand up to evolving attacks.
This is the only way to ensure the services’ uptime, as well as avoid damages — be they legal, reputational, or otherwise.
Nexusguard also points out that there is a shift in the type of devices that the attackers are using for creating botnets, many of which are now dominated by mobile devices. This has also allowed botnets themselves to evolve into a new breed, and start causing a different type of attacks. The new form of attacks has a maximum attack duration of more than 40,000 minutes (over 27 days).
This may cause smartphone users to experience an unnaturally slow performance of their devices, large spikes in data usage, as well as shortened battery life. All of these are signs that their devices are infected with malware, and are likely being used as part of a botnet. Researchers advise that phone users make sure that their devices are up to date, and that they have all the recent patches for various apps and software itself installed.
Meanwhile, suspicious apps should be uninstalled, and it is also recommended to have an anti-virus or anti-malware software installed, with regular scans. These methods are the best way to keep phones clean of malware, viruses, and similar threats.