sb-eu logo
Story image

DDoS attacks on the rise, with more hitting victims on Sunday

Kaspersky research has found that DDoS attacks have almost doubled in Q4 2019 with roughly 28% of attacks occurring on the weekend.

This is according to Kaspersky’s Q4 2019 DDoS attacks report, which shows the number of attacks blocked by Kaspersky DDoS Protection in Q4 2018 amounts to only 56% of attacks detected in Q4 2019.

Further investigation of botnet activity revealed that roughly 28% of attacks occurred on weekends, with the share of attacks on Sundays growing by two and a half percentage points, reaching 13%. In Q4 2019, there were several large-scale DDoS attacks including those against financial institutions in South Africa, Singapore and Scandinavian countries.

DDoS cyberattacks were also targeted at the Labour party in the United Kingdom as an attempt to disrupt its digital systems, as well as against Minecraft servers set up in the Vatican.

Kaspersky says this demonstrates that DDoS is still a common attack method among cybercriminals driven by ideological motives or seeking financial gain, and organisations should be prepared for such attacks and have a deep understanding of how they evolve.

The report highlights that the main trend during the last quarter of 2019 was increased botnet activity on Sundays.

While the growth may seem relatively small, the share of DDoS attacks on this particular day of the week has historically been the lowest and most consistent throughout the year (around 11% of attacks in Q1 and Q3, and 10% in Q2), the company says.

Although the number of DDoS attacks detected by Kaspersky DDoS Protection has grown significantly compared to Q4 2018, the growth in comparison to Q3 2019 is only marginal (attacks in Q3 2019 equate to 92% of Q4 2019).

Furthermore, there was a more notable rise in ‘smart’ DDoS attacks, focusing on the application layer and carried out by skilled malefactors (as attacks in Q3 2019 were 73% of those in Q4 2019).

This increase was easy to predict as November and December are traditionally a popular time for online business and retail activity. This year, however, Kaspersky experts did not identify a spike of DDoS attacks on Black Friday or Christmas holiday sales days, the company says.

Kaspersky DDoS Protection business development manager Alexey Kiselev says, “Despite significant growth in general, the holiday season turned out to be quieter than expected.

“We suspect that we didn’t see a storm of attacks on certain days because companies expanded their activity to engage with customers for the entirety of the holiday period, so there was no need for cybercriminals to launch an attack to coincide with a specific event.

“However, attackers can still find a way to spoil your leisure time, as cybercrime is not an ordinary nine-to-five job. With that in mind, it is important to ensure that your DDoS prevention solution can automatically protect your web assets.”

Story image
US oil & energy providers hit by plunging market cap in 1H 2020
As the COVID-19 coronavirus pandemic continues to lead many market sectors into turbulence, the energy sector has not escaped unscathed.More
Story image
Businesses move to cloud-based security solutions in a bid to support remote working
Cloud-based security tools are becoming increasingly popular following the rise in remote working during COVID-19, including a marked increase in businesses using such tools to protect of corporate financial information.More
Story image
LogRhythm named #1 for customer satisfaction in G2 report
Named a Leader in G2 Research's reports for SIEM, Incident Response, and usability based on aggregated user rating data.More
Story image
54% rise in gaming-related cyber attacks recorded in April
Social isolation measures, widely implemented throughout the world during March and April, has been linked to both the increase in engagement for gaming and a corresponding boom in game-related cyber attacks.More
Story image
Cyber attacks use LinkedIn to target companies and employees
The attacks, which ESET researchers have called Operation In(ter)ception, took place from September to December 2019 and are notable for using LinkedIn-based spearphishing. More
Story image
Why DX is not complete without a transformed security architecture
Secure Access Services Edge (SASE) is the process by which core WAN edge capabilities like SD-WAN, routing, and WAN optimisation at branch locations are integrated with cloud-based security services like secure web gateways, firewall-as-a-service, cloud access security brokers, and more.More