DDoS attacks make a comeback

New research from Kaspersky Lab has revealed that distributed denial of service (DDoS) attacks are making a comeback as cybercriminals have once again begun to employ botnets to carry out widespread and even long-lasting, multi-day attacks. 

The security firm's DDoS Intelligence quarterly report highlighted the return of DDoS attacks, with DDoS botnets responsible for attacking online resources in 81 countries. Once again China, the US and South Korea experienced the largest number of attacks, as they have the most servers available to attackers.

Kaspersky also found that Hong Kong and Japan had replaced the Netherlands and Vietnam among the top 10 most targeted countries.    

However, the changes to the 10 countries with the most command and control servers (C&C servers) were even more pronounced, with Italy, Hong Kong, Germany and the UK replacing Canada, Turkey, Lithuania and Denmark. This change is most likely a result of the number of active C&C servers of Darkai (a Mirai clone) and AESDDoS bots increasing significantly while old Xor and Yoyo botnets were once again used by attackers.

While most botnets use Linux, the proportion of Linux-based botnets fell slightly to 66 per cent, down from 71 per cent in 2017.

Kaspersky's report also shed light on the fact that long-lasting DDoS attacks have returned, with the longest attack of Q1 2018 lasting 297 hours, or more than 12 days. An attack of this duration has not been seen since the end of 2015.

Head of B2B, Channel at Kaspersky Lab, Russ Madley, provided further insight on the findings of the report, saying:

“Our latest DDoS report has shown that it’s not only direct victims of DDoS attacks that are affected, but also companies whose infrastructure includes vulnerable components. Exploiting vulnerabilities is common for cybercriminals creating DDoS botnets, so this report emphasises the scale of the threat to organisations. A company’s multilayered online security strategy should include regular patching of vulnerabilities and protection against DDoS attacks as standard.”  
