DDoS attacks are becoming more powerful, according to a Monday report from Positive Technologies. The year 2018 saw the two biggest DDoS attacks in history, reaching 1.35 and 1.7 terabits per second, with hackers using memcached servers to amplify their strike, the report found.
Government institutions and IT companies were the most common targets of DDoS attacks in Q4 2018, according to the report.
Cybercriminals are increasingly motivated by data theft, rather than solely direct monetary theft. Of all attacks in 2018, 42% were motivated by access to information, 41% by financial profit, 15% by hacktivism, and 2% by cyberwar, the report found.
SEE: Incident response policy (Tech Pro Research)
However, it should be noted that many hackers steal data to later steal money, blackmail someone, or sell it on the Dark Web, it noted. Hacking a computer system can also be a first step in a major fraud scheme, or tool in a cyberwar, the report said.
Malware was used in 56% of all attacks, as malicious software is increasingly available, reducing the barrier to entry for criminals, according to the report.
The number of unique cybersecurity incidents grew by 27% in 2018 over 2017, with no signs of slowing down, it noted.
Positive Technologies researchers made the following predictions for the rest of 2019 when it comes to the cybersecurity landscape:
- DDoS attacks will become more powerful because of the growth of botnets and use of new techniques and exploits. The growing malware marketplace will also make it easier for even low-skill hackers to complete attacks.
- Data theft attacks will continue to grow, as criminals hack poorly protected systems to steal personal, medical, and payment information. Businesses that lack strong security measures, including service companies, educational institutions, healthcare institutions, and retailers, will be particularly at risk.
- Cryptomining attacks will continue to be less profitable than they were in the past, and will continue to decline if cryptocurrency prices do as well.
For tips on how to stop memcached DDoS attacks, check out this TechRepublic story.