In the first quarter of 2019, the number of DDoS attacks increased by 84%, compared with Q4 2018. In particular, there has been outstanding growth in the amount of attacks that lasted more than an hour, along with the average duration of such attacks. Figures from Kaspersky Lab’s DDoS Q1 2019 report show that there has been a resurgence in DDoS methods, with malefactors focusing on longer attacks. Last year the number of DDoS attacks was constantly falling, leading Kaspersky Lab experts to assume that cybercriminals who had been conducting DDoS attacks for financial gain had shifted their attention to other sources of income (such as crypto-mining). However, statistics for Q1 2019 contradict this trend and show that the number of DDoS attacks blocked by Kaspersky DDoS Protection has actually grown by a staggering 84%, when compared to Q4 2018.
In Thailand 12 attacks were detected in Q1 2019, with the longest attack lasting for two hours. It is a threefold increase in the number of attacks in comparison to Q4 2018, when 4 attacks were monitored by Kaspersky DDoS Protection. These figures could indicate that such attacks were still in demand, despite being inaccessible when popular DDoS marketplaces were taken down. Once new DDoS-for-Hire websites launched, the number of attacks grew exponentially as a result.
The most noticeable area of growth can be found in DDoS attacks that lasted for more than an hour. These incidents doubled in quantity and their average length increased by 487%. These statistics confirm Kaspersky Lab experts’ hypothesis that hackers are evolving their techniques and are now able to launch longer attacks, which are harder to organize.
“The DDoS attack market is changing. New DDoS services appear to have replaced ones shut down by law enforcement agencies. As organizations implement basic countermeasures, attackers target them with long-lasting attacks. It is difficult to say if the number of attacks will continue to grow, but their complexity is showing no signs of slowing down. We recommend that organizations prepare themselves effectively, in order to withstand sophisticated DDoS attacks,” comments Alexey Kiselev, Business Development Manager on the Kaspersky DDoS Protection team.
Kaspersky Lab recommends that organizations follow these steps to protect themselves from DDOS attacks:
• Ensure that web and IT resources can handle high traffic
• Use professional solutions to protect the organization against attacks. For example, Kaspersky DDoS Protection combines Kaspersky Lab’s extensive expertise in combating cyberthreats and the company’s unique in-house developments. The solution protects against all types of DDoS attacks regardless of their complexity, strength or duration