All Press Release

DDoS-for-hire websites make a comeback despite FBI crackdown, according to Nexusguard Threat Report

Posted by
Nexusguard
June 24, 2019
Telcos and communications service providers (CSPs) will need to take advanced precautions against “bit and piece” DDoS attacks

DDoS attacks “for hire” made a comeback in the beginning of the year, with booter-originated attacks rebounding to more than double their amounts in Q4 2018, according to Nexusguard’s “Q1 2019 Threat Report.” Despite the earlier FBI crackdown, the DNS amplification types of DDoS attacks continued to be a favorite of DDoS-for-hire websites, soaring more than 40 times their volume compared to last quarter. The resurgence of DDoS-as-a-service and the growing botnets reinforce the evolving cyber threat of DDoS attacks for enterprises and communications service providers (CSPs).

The quarterly report, which measures thousands of DDoS attacks around the world, revealed DNS amplification attacks were also the most frequently employed against CSPs and telcos in Brazil this quarter. One of the largest banks in South America bore the brunt of these Brazilian DNS amplification attacks—more than 17% of all attacks. “Bit and piece” types of attacks, or DDoS attacks that were smaller than one Gbps in size, continued to cause issues in the beginning of 2019 by becoming more automated and targeted, bypassing detection. Nexusguard researchers warn that CSPs will need to approach these evolved attacks with scalable, cloud-based DDoS detection and mitigation in order to reduce potential damages. CSPs that fall victim to bit-and-piece attacks and unknowingly pass on malicious traffic will risk undermining customer confidence.

“Due to the increasing demand for DDoS attack services and the boom in connected devices, hackers for hire have doubled and DDoS campaigns are not going away for organizations,” said Juniman Kasman, chief technology officer for Nexusguard. “Businesses will need to ensure their attack protections can seamlessly evolve with new vectors and tactics that attackers seek out, which ensures service uptime, avoids legal or reputational damages, and preserves customer satisfaction.”

Nexusguard findings confirm the continued shift to the leverage of mobile devices in attacks, which has created a new breed of botnets that caused the maximum attack durations to spike to more than 40,000 minutes at a time, or more than 27 days. People who experience sluggish performance, surges in data usage or noticeable decrease in smartphone battery life may be seeing warning signs of malware. Smartphone users should keep devices up to date with the latest patches, uninstall suspicious apps and run anti-virus software as a few ways to stay safe from malware.

Nexusguard’s quarterly DDoS threat research gathers attack data from botnet scanning, honeypots, CSPs and traffic moving between attackers and their targets to help companies identify vulnerabilities and stay informed about global cyber security trends. Read the full "Q1 2019 Threat Report" for more details.