Still DDoS Attacks are making headlines...

The first two quarters in the year 2018, we have already seen considerable increase in the distributed denial of service (DDoS) attacks, responsible for overloading servers, leaving sites slow or unavailable. The Kaspersky report shows that the first quarter of this year saw growth in different categories of cybercrime, including the record of denial of service for the past three years: 297 hours of attack, which corresponds to more than 12 days.

The biggest motivation for DDoS is still profit. If a server can not support all concurrent requests, the site hosted on it is unavailable for a while or takes a long time to load. This naturally leads the interested party to the competition page, and the organization loses money. However, another goal may be hidden, which is masking a data theft attack, diverting the attention of the information security team, erasing the traces and evidence of the crime later.

This attack does not usually depend on thousands of people, it only simulates that the accesses are coming from different IPs. The process is automated, with a networked computers that have bots developed to perform the task.

DDoS has also became ideological weapon. It is used by certain groups to cause slowness in news sites or to compromise official services of enemy countries. In times of elections and political imbalance, the incidence tends to be higher.

Faced with the crime's popularity (there were 7.5 million attacks in 2017, according to Netscout's annual report), services to contain it are also improving in the market. There are forms of prevention and defense, such as Managed Security Services Providers (MSSP), focusing on monitoring and management of devices and systems, and intrusion testing, when experts conduct tests simulating a real attack on the organizations themselves to detect vulnerabilities, and then fix them. In addition to the financial loss to the competition, the attack generates other types of direct costs, such as reworking the different technology teams, who need to turn to block the offensive

Recent incidents in 2018:

In February, the attack on GitHub, the largest site for sharing programming codes, featured the headlines in information security channels.For nine minutes, servers received requests of up to 1.35 Terabits per second, an unprecedented barrage of attacks. Experts say that this was the biggest attack ever recorded in history.

Since March, Cisco, one of the world's leading networking and communications solutions, has warned customers that the backbones that run two of their programs are experiencing a critical failure, caused by a still unknown threat. The company reported a weakness in software called Smart Install, which leaves the way open for hackers to attack vulnerable devices with DDoS or install malicious code for different offensives, knocking down networks. The company has released a software update and suggests that everyone adopt it urgently. 

New botnets are causing more headaches for cybersecurity specialists. A noteworthy case is the creation of a botnet formed from 50,000 surveillance cameras in Japan. And a serious danger is posed by a new strain of the Hide-n-Seek malware, which was the first of all known bots to withstand, under certain circumstances, a reboot of the device on which it had set up shop. True, this botnet has not yet been used to carry out DDoS attacks, but experts do not rule out such functionality being added at a later stage, since the options for monetizing the botnet are not that many. June 5 saw cybercriminals bring down the Bitfinex cryptocurrency exchange, with the system crash followed by a wave of garbage traffic, pointing to a multistage attack that was likely intended to undermine credibility in the site. It was probably competitive rivalry that caused the renowned online poker site, Americas Cardroom, to suffer a DDoS attack that forced first the interruption and then cancellation of a tournament. That said, it was rumored that the attack could have been a political protest against the in-game availability of Donald Trump and Kim Jong Un avatars.

In a context of lack of digital information and sophistication of the offensives, preventive solutions are not more luxury, but a necessary investment.