Distributed denial of service (DDoS) operations remain one of the most popular forms of attack, according to a report from Kaspersky Labs.
The attacks are relatively simple to orchestrate, and extremely difficult to defend against, making them one of the most favored tools for an attacker, be they a nation-state like China or a hacktivist group like Anonymous.
DDoS attacks are used to interrupt a computer network’s ability to function by flooding it with information, thus denying service to legitimate users. DDoS attacks are also highly under-reported, according to Kasperky's research.
“Organizations rarely publicize the fact that they have been targeted by DDoS attacks in order to protect their reputation," said Kaspersky Lab's Yury Namestnikov.
Kaspersky reports the following data on DDoS attacks from the second quarter of this year:
- The longest DDoS attack lasted 60 days, 1 hour, 21 minutes and 9 seconds
- The highest number of DDoS attacks against a single site was 218
Q2Attacks by Country
- 89% of DDoS traffic was generated in 23 countries
- The US and Indonesia made up a combined 10% of attack traffic
Q2 Distribution of Attacked Websites
- Online shopping sites, including e-stores, auctions, and buy and sell message boards made up 25% of all targeted sites, an increase
- The next most frequently attacks sites were electronic trading platforms and banks
Q2 Activity of DDoS Botnets
- 80% of all DDoS attacks take place Monday through Thursday
- 23% of the week’s DDoS attacks occur on a Tuesday
Q2 Overall Highlights
- LulzSec and Anonymous were biggest DDoS offenders
- Sony suffered the most damage from DDoS attacks
DDoS attacks are also being used to create a diversion and preoccupy security teams while more sophisticated attacks and hacking attempts are initiated. Such was the case with Sony, which said the early April DDoS attacks provided the opportunity for hackers to breach the servers and steal customer data records.
"Cybercriminals, meanwhile, are increasingly using DDoS attacks as a diversionary tactic when launching more sophisticated attacks such as those on online banking systems. Complex attacks of this nature are particularly damaging in that they can cause significant losses for the financial institutions as well as their clients."