They always say to not underestimate the impact you as a single solitary person can have on the world. After all, one individual could be capable of saving dozens of lives, come up with an invention that betters existence for millions, and even changing the course of history.
An individual could also single-handedly touch off a firestorm of DDoS for hire activity in a massive region of the globe. So there’s that, too.
Old tricks
On the whole, DDoS attacks are nothing new, and neither are DDoS for hire services. If there is suddenly a rash of Southeast Asian businesses furiously Googling what is DDoS while their security personnel panic, it’s because up until now, those businesses have been pretty lucky. As it tends to, however, that luck has run out.
DDoS or distributed denial of service attacks use the collective computing resources of a botnet to direct large amounts of junk traffic or malicious requests at a target in order to leave the target so overwhelmed dealing with the illegitimate traffic or requests that it can’t deal with those from legitimate users, often resulting in downtime. DDoS for hire services rent out the use of botnets so that anyone with an internet connection and some spare cash can launch these attacks, regardless of their level of attack know-how.
China and other Southeast Asian countries are no strangers to these attacks – nor to the botnets behind them. Countries like China, Hong Kong, Singapore and Taiwan landed in the top ten most attacked countries throughout 2017, according to Imperva Incapsula’s quarterly global threat landscape reports, while China took the crown as the country from which the highest number of attacks originated, with over 63% of all attacks in the second quarter coming from botnets and command and control servers in the nation. The next top attacking country was the United States, from which 6.4% of attacks originated.
In short, when a DDoS trend emerges from this region of the world, it tends to do so in a big way.
Attacks made simple
Historically, DDoS services have been a popular offering in the underground Chinese market, however in order to launch DDoS attacks, Chinese DDoS enthusiasts would instead purchase, download and install popular DDoS attack tools and operate them on their own computers with their own botnets. A fair amount of work compared to the typical for-hire service model, which is perhaps why this model is now taking off in China and throughout Southeast Asia.
Towards the end of 2017 a significant uptick in the number of Chinese-based websites offering DDoS for hire services was noticed – online platforms instead of downloadable tools, with the botnet supplied by the service. Interestingly, most of the platforms used the exact same user interface and layout, leading security researchers to posit that they were all run by the same individual or entity. Upon closer inspection, this turned out to be an erroneous assumption. Not only did the sites have different registrants, but they were also aiming attacks at each other.
It’s been speculated that instead of being run by the same person or group, the source code for the services came from one person who obtained the source code of a DDoS for hire platform intended for English-speaking users, translated it to Chinese, and set about selling that source code to his or her fellow criminals, who are now making money from everyday people who feel like DDoSing online gaming servers, for example, or sending out DDoS ransom demands.
The power of one
It remains to be seen how this wide availability of easy attack platforms in China is going to impact global DDoS trends, but taking into account how active the region was for issuing attacks even before it was made easy, it’s probably not going to be good.
Regardless of where attacks are trending and which part of the world just got their hands on the easiest possible attack method, this is not the time to think you’re probably safe tucked away in your non-competitive industry in your little corner of the world without cloud-based DDoS protection. All it takes to ruin your day, your week, your month or even your business is one single solitary person deciding that he or she would like to show you what a DDoS attack can do.
