DDoS attacks are a nuisance to be sure, but they're also used in a variety of ways that make them a severe threat, says Atlas VPN.
DDoS attack data presented by Atlas VPN found that attackers prefer the United States and the computers and internet sectors as targets. In June 2021 alone, more than a third of DDoS attacks worldwide targeted servers in the U.S.
DDoS attacks involve using a massive number of internet-connected machines and devices to flood a target server, rendering it unable to keep up with traffic and either making it unusable or taking it offline. It's tempting to see DDoS attacks as just an annoyance, but they're far worse than that.
SEE: Security incident response policy (TechRepublic Premium)
"[DDoS attacks] lead to the interruption of the website or service, which could cause massive financial damages to the business. To stop the assault, hackers often request a ransom, making it even harder for the company," said Atlas VPN cybersecurity researcher William S.
DDoS attacks are simple in structure and execution, which makes them an even greater threat. Many enterprising cybercriminals have turned to either buying or selling DDoS as-a-service, giving disgruntled employees, corporate rivals, political actors and kids looking to do mischief easier access to them than ever.
While the trends presented from Atlas VPN cover only June 2021, the data from Imperva it is sourced from goes back quite a way, and the trends from June are largely consistent with the recent past.
In June, U.S.-based targets were subjected to 35.3% of DDoS attacks. The United Kingdom was targeted by 29.4% of attacks, and China was targeted by 18%. Other countries, like Japan, Germany, and France, were listed, but they were each targeted by less than 4%.
SEE: How to manage passwords: Best practices and security tips (free PDF) (TechRepublic)
In terms of preferred targets, the computer and internet industry, which Atlas VPN describes as domain providers, web hosts, ISPs, and other online services, was the recipient of 83.2% of all DDoS attacks. Atlas VPN said attacks against these targets are used to simply do as much damage to as many people as possible. "By suspending their systems, hackers also disrupt all other companies using attacked business services."
After the computers and internet sector, other targets seem miniscule in comparison: The games industry suffered 8.8% of attacks, often launched by players trying to cause lag for opponents and put them at a disadvantage. Gambling companies faced 6%, the explanation for which is that "often casinos hire cybercriminals to disrupt their competition," Atlas VPN said. The business and finance sectors were only targeted by 2% and 1%, respectfully, of all DDoS attacks.
In terms of sheer DDoS numbers, the world is generally in a bit of a mid-year lull in which DDoS attacks have been down 38.8%. Don't rely on that lull to keep your organization safe: DDoS attacks may be down this quarter, but they were up 20% overall in 2020, so they're sure to bounce back.
- Working at a safe distance, safely: Remote work at industrial sites brings extra cyber risk (TechRepublic)
- Cybersecurity: Don't blame employees—make them feel like part of the solution (TechRepublic)
- How to become a cybersecurity pro: A cheat sheet (TechRepublic)
- Security threats on the horizon: What IT pro's need to know (free PDF) (TechRepublic)
- Checklist: Securing digital information (TechRepublic Premium)
- Cybersecurity and cyberwar: More must-read coverage (TechRepublic on Flipboard)