A recent study has shown that DDoS attacks are far from being a thing of the past, as the number of DDoS attacks has increased by 40% in the last six months, increasingly targeting sectors such as banking, e-commerce and education. These types of attacks can have a significant impact on organizations, causing financial losses and reputational damage, and as they become more frequent, DDoS disruptions continue to pose a real threat to companies.
Why are these attacks still effective?
Despite being unsophisticated compared to other cyberattacks, DDoS attacks are still disrupting online businesses and government infrastructures. In June this year, Diablo 4, one of this year's most prominent video game releases, and other games developed by the company Blizzard, were the target of a DDoS attack that temporarily interrupted their services. In the same month, to Microsoft confirmed that it was the victim of layer 7 DDoS attacks, which caused intermittent outages in Azure, Outlook and OneDrive services.
So if these attacks are considered “old-fashioned,” why are they on the rise?
- They are simple: DDoS attacks can be perpetrated with relative ease compared to more sophisticated threats such as big game hunting ransomware. This means that any malicious actor with a basic level of network knowledge can launch a DDoS attack.
- They are offered as a service: You can hire a hacker to carry out the attack for $30 per day or between $10 and $5 per hour. This rate varies depending on the size and duration of the attack or the type of botnet used by the vendor.
- Availability: DDoS attacks are increasing due to factors such as the growth of the DDoS-as-a-Service market. It has probably never been easier to carry out a DDoS attack.
- The following are useful for attackers: Companies are increasingly dependent on their online services, digital marketplaces and real-time services. Service disruption caused by DDoS is costly for businesses and can damage their reputation, giving cybercriminals the opportunity to extort money from them.
- They serve as a distraction: are often used as a diversionary tactic to mask other malicious activities. They can also be a powerful way to attract attention, making them a popular choice among hacktivist groups.
- They increase the pressure on ransomware attacks: Some ransomware operators, such as Lockbit 3.0, use DDoS attacks to increase pressure on the target organization and make it pay the ransom in a strategy known as triple extortion.
- They are immediate: Unlike other cyber attacks, such as phishing, which require a wait time for the victim to fall into the trap, DDos attacks can be carried out quickly, giving hackers instant access to data and allowing them to extend or modify an attack in any chosen location.
Firewalls as a protective measure against DDoS attacks
The continued rise in DDoS attacks has alerted leading cybersecurity institutions such as the US Cybersecurity and Infrastructure Security Agency (CISA), which recently issued a warning about the dangers of this malicious tactic. CISA advises organizations that suspect they have been victims of a DDoS attack to identify the source and mitigate the situation by applying firewall rules.
A firewall can block IP addresses and ports, as well as set pre-determined traffic limits for servers and clients, actions that will prevent a DDoS attack from damaging corporate networks.
