Connect with us

Hi, what are you looking for?

HEADLINES

Botnet DDoS attacks highlighted in Kaspersky Lab quarterly report

The second quarter of 2017 was proof that long-lasting DDoS attacks are back in business. The longest attack in the quarter was active for 277 hours (more than 11 days) – which is a 131% increase compared to Q1. This is so far a record for the year, says the Q2 2017 botnet DDoS report from Kaspersky Lab experts.

The second quarter of 2017 was proof that long-lasting DDoS attacks are back in business. The longest attack in the quarter was active for 277 hours (more than 11 days) – which is a 131% increase compared to Q1. This is so far a record for the year, says the Q2 2017 botnet DDoS report from Kaspersky Lab experts.

Kaspersky Lab_DDoS Q2.jpg

Duration was not the only distinctive feature of the DDoS attacks between April and June. The geography of incidents has also seen a dramatic change with organizations with online resources located in 86 countries targeted in the second quarter (compared to 72 in Q1).

The top 10 most affected countries were China, South Korea, USA, Hong Kong, UK, Italy, the Netherlands, Canada and France — with Italy and the Netherlands replacing Vietnam and Denmark that were among the top targets in Q1.

“Today, connected devices number in the hundreds of millions, but very soon there will be billions of them. Not all of them are protected good enough, so they are likely to be a part of some botnets. And big botnets are capable of doing some really nasty deeds,” comments Sylvia Ng, General Manager at  Kaspersky Lab Southeast Asia.

Advertisement. Scroll to continue reading.

Targets of DDoS attacks included one of the largest news agencies, Al Jazeera, Le Monde and Figaro newspaper websites and, reportedly, Skype servers. In the second quarter of 2017, an increase in cryptocurrencies rates also led to cybercriminals trying to manipulate prices through DDoS.

Bitfinex, the largest Bitcoin trading exchange, was attacked simultaneously with the launch of trading in a new cryptocurrency called IOTA token. Earlier, the BTC-E exchange reported a slowdown due to a powerful DDoS attack.

The interest of DDoS attack organizers in cash goes beyond manipulating cryptocurrency rates. Using this type of attack to extort money can be beneficial as trends in Ransom DDoS or RDoS demonstrate.

Cybercriminals usually send a message to the victim demanding a ransom that ranges from 5 to 200 bitcoins. If the company refuses to pay, attackers threaten to organize a DDoS attack on a critically important online victim resource.

Such messages can be accompanied by short-term DDoS attacks to confirm the threats are very real. At the end of June, a large-scale RDoS attempt was made by the group called Armada Collective, who demanded about $315,000 from seven South Korean banks.

Advertisement. Scroll to continue reading.

However, there is always another way which has become more popular in the last quarter – Ransom DDoS with no DDoS at all. Fraudsters send out threatening messages to a large number of companies in the hope that someone will decide to be better safe than sorry.

Demonstrations of attacks may never happen, but if just one company decides to pay, that brings profit with minimal effort from the cybercriminals.

“Nowadays, it’s not just experienced teams of hi-tech cybercriminals that can be Ransom DDoS-attackers. Any fraudster who doesn’t even have the technical knowledge or skill to organize a full-scale DDoS attack can purchase a demonstrative attack for the purpose of extortion. These people are mostly picking unsavvy companies that don’t protect their resources from DDoS in any way and therefore, can be easily convinced to pay ransom with a simple demonstration,” says Kirill Ilganaev, head of Kaspersky DDoS Protection at Kaspersky Lab.

Kaspersky Lab experts warn that if a victim company decides to pay, it may bring long-term damage in addition to instant monetary losses. A ‘payer’ reputation spreads fast through the networks and may provoke further attacks from other cybercriminals.

Kaspersky DDoS Protection combines Kaspersky Lab’s expertise in combating cyber threats and the company’s in-house developments. The solution protects against all types of DDoS attacks regardless of their complexity, strength or duration.

Advertisement. Scroll to continue reading.

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

White Papers

When compared to 2023, Sophos saw a 51% increase in abusing “Living off the Land” binaries or LOLbins; since 2021, it’s increased by 83%.

HEADLINES

Someone illegally acquires or uses personal information such as bank account or credit card numbers of another person to obtain money, goods or services....

HEADLINES

To stay ahead of these challenges, organizations need to invest in AI-driven defenses, transition to quantum-safe encryption, and adopt a Zero Trust approach to...

HEADLINES

There was a 121% Year-on-Year (YoY) increase in identity fraud in 2024 across the region, with significant surges recorded in Singapore (207%), Thailand (206%)...

White Papers

The survey found that CXO’s feel less prepared than their global peers. Less than half or 48% in APAC said they felt completely prepared...

HEADLINES

On average, a single organization in the Philippines experiences 4,003 attacks per week, significantly higher than the APAC average of 2,870 attacks per week.

White Papers

Exploiting this vulnerability, cybercriminals craft deceptively authentic phishing emails that align with current trends, exploiting human emotions to invoke urgency and trick recipients into...

HEADLINES

As the year 2024 draws to a close, cybersecurity solutions provider Fortinet unveiled predictions that expect hackers will leverage as well as trends that...

Advertisement