Cyber attackers thrive on disruption: not just causing it, but also capitalizing on it in order to wreak havoc. By any stretch of the imagination, 2020 was a period of disruption, as the coronavirus pandemic swept the world. One of the myriad effects of the pandemic was people’s increased reliance on connected infrastructure for everything from shopping without leaving their homes to digital entertainment in the absence of going out to remote working in place of going into the office. Unfortunately, attackers were ready and waiting to find ways to exploit those trends to cause chaos.
One of the most prominent forms of cyber attack is known as a DDoS attack. Standing for Distributed Denial of Service, these attacks aim to knock out websites or online services by assaulting them with enormous bombardments of fake traffic. Like squeezing too much vehicular traffic down a street that’s not designed to cope with it, this has the effect of causing everything to grind to a halt. In the case of vehicular traffic, that would mean bumper-to-bumper gridlock. In the case of a website or online service, it means being rendered inaccessible to visitors.
For those without the necessary DDoS protection, the effects of an attack can be extremely damaging.
Attacks are ramping up
DDoS attacks have surged during COVID-19, increasing both in size and frequency. One chief reason for this is that DDoS attacks, as damaging as they can be, are comparatively easy to perform. They are among the simplest of malicious cyber attacks to initiate, requiring little in the way of sophisticated technical know-how to perform, especially when it comes to more straightforward DDoS iterations.
The barrier to entry is also getting lower all the time. DDoS attacks frequently involve a so-called “botnet” of infected devices which can be harnessed as a kind of zombie army to bombard targets with traffic. These botnets can range from hundreds of devices to, commonly, thousands, tens of thousands, or even more than a million infected devices. The infamous Mariposa botnet, one of the world’s biggest, was composed of around 12.7 million computers in 190 countries.
DDoS-as-a-service offerings make botnet attacks simpler by letting would-be cyber attackers “rent” a botnet for just a few dollars at a time. The size of botnets is only going to increase with the plethora of internet-connected IoT devices arriving on the market.
DDoS in the age of COVID
A recent report analyzed the DDoS landscape during 2020, the year the world was rocked by coronavirus. Among its findings were that, in a single month, a record 929,000 DDoS attacks were launched. In the year as a whole, this amounted to upward of 10 million worldwide. Monthly attack numbers also routinely exceeded the average from 2019, just one year earlier, by up to 150,000 attacks.
Many of these attacks focused on the sectors which had to rapidly shift online or upscale during the coronavirus crisis — from e-commerce sites to online learning. By targeting these sectors, attackers were able to cause maximum damage.
There was also a big spike in extortion-based DDoS attacks. In such attacks, cyber attackers threaten to hit targets with a DDoS attack, and use this threat to extract money in exchange for either not initiating the attack or stopping it. The group that emerged in 2020 was called Lazarus Bear Armada (LBA), likely affiliated with well-known (in an infamous way) entities like the Fancy Bear, the Lazarus Group, and the Armada Collective. Attacks were leveled at companies across a range of sectors, including the finance, travel, healthcare, insurance, energy, IT, and other industries.
DDoS protective measures
Protecting against DDoS attacks is more critical than ever. While the world may be starting to emerge from the pandemic, even before COVID-19 burst onto the world stage, DDoS was a big threat. With certain industries and sectors likely to remain more digitally focused — for instance, “blended learning” in the educational sector — DDoS will continue to pose a major risk.
Fortunately, the tools exist to help safeguard against threats. DDoS protective measures can help to protect businesses and other organizations by detecting bad traffic and stopping it in its tracks, while allowing genuine, legitimate requests to reach their destination. That means stopping the bad actors, without inconvencing the good ones. Cybersecurity tools can additionally assist with absorbing large-scale DDoS attacks without collapsing under the strain, allowing services to continue to operate even when being targeted by DDoS attackers.
DDoS attacks have the potential to cause significant harm — whether it’s triggering unrequested downtime for companies whose websites and services are knocked offline or the long-term reputational damage that victims may suffer due to not being available when users most need them.
Ensuring that you use the right protective measures is not only smart; it has the possibility to be an essential game-changer.