Last year, we saw an 84% increase in Distributed Denial of Service (DDoS) attacks as early as the first quarter, and businesses are bracing for attacks to continue in 2020. DDoS attacks have caused considerable losses even for large technology companies like Netflix and PayPal, bringing down their websites and restricting their ability to trade. Several years ago, one DDoS attack even brought down internet connectivity for the whole East Coast of the US. In this article, we provide a snapshot of DDoS attack trends last year, discuss the types of attacks that are prevalent in 2020, and discuss projections for the years to come.
What is a DDoS Attack?
A DDoS attack aims to disrupt the network, servers or business operations of a particular organisation. The attack is accomplished by draining the servers’ resources, rendering them incapable of responding to genuine users. For computer systems, the exhausted resource can be memory, disk space, or IP transit bandwidth, any of which prevents normal operation.
Commonly, attacks work by flooding systems with server requests and traffic through a “botnet.” Botnets are usually made up of hacked computers, but can also include Internet of Things (IoT) devices (such as baby monitors, CCTV cameras and smart thermostats) which are connected but unsecured.
A DDoS attack may be likened to a large street protest where people gather and block roads with the intent of drawing attention and sending a message. The blockade prevents vehicles from passing and stops businesses and services in that area from operating. Major traffic jams will likely ensue as a consequence of the blocked roads, and unless the group is dispersed, the jam can last for hours.
The attacks come in various forms and sizes. They can be protocol-based (using particular TCP/IP packets), volumetric, or targeted at specific application layers. Multi-vector attacks combine these types, with an attacker using multiple attack vectors at once.
What are the DDoS statistics for this year?
To give a sense of the magnitude of the effects of these DDoS attacks, here’s a rundown of the most newsworthy trends in 2019 and some industry forecasts for 2020.
Increasing low-intensity attacks
When it comes to DDoS attacks, size does not necessarily determine severity. Some attacks are sizeable, measured in packets or volume, with an impact that reaches hundreds of gigabits per second, while others amount to just a few megabits but can still bring business operations to a halt. Experts are divided as to which type is worse, but considering the impact, attacks of every size and form bring bad news to companies and customers alike.
In its recent research, Neustar reports an increase in low-intensity but strategic attacks which target specific application layers in order to degrade server performance. As they are unique attacks, they may go undetected by commercial DDoS defences.
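The following added example (not from the article or from Neustar) illustrates why a low-intensity application-layer attack can pass unnoticed by a bandwidth threshold while still consuming almost all server time. The log fields, addresses, endpoint names and thresholds are constructed assumptions; it presumes the access log records per-request server time.

```python
from collections import defaultdict

def build_sample():
    """Constructed 60-second access log: (second, client, path, bytes_out, server_ms)."""
    events = []
    for i in range(20):                      # ordinary visitors: few, cheap, large responses
        for s in range(0, 60, 15):
            events.append((s, f"198.51.100.{i + 1}", "/index.html", 40_000, 12))
    for i in range(3):                       # low-intensity flood on an expensive endpoint
        for s in range(60):
            for _ in range(2):
                events.append((s, f"203.0.113.{i + 1}", "/search", 600, 900))
    return events

def volumetric_alarm(events, window_s, threshold_bps):
    """Bandwidth-only view: alarm when average egress exceeds threshold_bps."""
    bits = 8 * sum(e[3] for e in events)
    return bits / window_s > threshold_bps

def costly_clients(events, budget_ms):
    """Application-layer view: clients whose requests used more server time than budget_ms."""
    used = defaultdict(int)
    for _, client, _, _, server_ms in events:
        used[client] += server_ms
    return sorted(c for c, ms in used.items() if ms > budget_ms)

def shares(events, clients):
    """Fraction of response bytes and of server time attributable to `clients`."""
    clients = set(clients)
    total_b = sum(e[3] for e in events)
    total_ms = sum(e[4] for e in events)
    b = sum(e[3] for e in events if e[1] in clients)
    ms = sum(e[4] for e in events if e[1] in clients)
    return b / total_b, ms / total_ms

SAMPLE = build_sample()  # constructed data, not a real capture

if __name__ == "__main__":
    flagged = costly_clients(SAMPLE, budget_ms=10_000)
    print("volumetric alarm:", volumetric_alarm(SAMPLE, 60, 100_000_000))
    print("flagged clients:", flagged)
    print("byte share, server-time share:", shares(SAMPLE, flagged))
```

In the constructed sample the three flagged clients account for a small fraction of the traffic volume but nearly all of the server time, which is the signal a per-client cost budget catches and a bandwidth threshold does not.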
Multi-vector attacks are common
Neustar also reports that over 82% of the attacks it mitigated in Q2 2019 used more than two vectors. They observed a considerable number of four-vector assaults.
Larger volumetric attacks
Imperva reports an increase in high-volume attacks. In particular, in April 2019 and January 2020, their network recorded attacks of between 580 million and 500 million packets per second. Imperva has so far recorded the most significant DDoS attacks in history: the strike targeted their streaming services client and reached a peak of 292,000 requests every second.
Political and industry-based attacks
In the second quarter of 2019, research by Kaspersky showed that DDoS attacks on high-profile clients increased. The US and China accounted for the most politically-linked targets, with 17.5% and 63.8% of all attacks, respectively. I
Specific industries are also more at risk. IBM X-Force research indicates that over 80% of DDoS attacks are aimed at the insurance industry and information/media services. This figure is based on botnet variants of Mirai, which is a typical form of malware targeting enterprises and Internet of Things (IoT) devices. Akamai research supports the same conclusion and has seen 800 assaults on the financial industry between December 2, 2018, and May 4, 2019.
Projections for 2020
DDoS attacks will continue to be a leading threat to businesses, irrespective of their industry.
Unfortunately, attacks continue to outpace the work of regulators and law enforcement agencies. Cisco reports that the number and size of DDoS attacks declined when the FBI shut down 15 of the most significant DDoS-for-hire online operations in December 2018. However, DDoS attacks are nevertheless predicted to double by 2022 to 14.5 million, based on Cisco's 2017 Visual Networking Index (VNI).
In this changing landscape, it is essential for businesses to build their IT infrastructure in a manner that is resilient to attacks. Intergrid specialises in DDoS mitigation and high-availability hosting. For more details on how we can assist, reach out to our team.