The Kaspersky Lab DDoS Q4 Report covering statistics of the last quarter and the whole of 2018 highlights a 13% decline in the overall number of DDoS attacks when compared with the statistics from the previous year. However, the duration of mixed and HTTP flood attacks is growing, which suggests that malefactors are turning to more sophisticated DDoS attack techniques.

 

The low cost of DDoS-as-hire makes such attacks one of the most affordable cyberweapons for evil competitors or internet trolls. Businesses, regardless of their size or industry, can face this threat and suffer revenue and reputation losses in case legitimate users and customers cannot access company’s web resources.

 

Despite the number of DDoS attacks falling in 2018, it’s too early to rejoice as the decrease of the amount of attacks does not mean a decrease in their severity. According to Kaspersky Lab researchers, as more and more organizations adopt solutions to protect themselves from simple types of DDoS attacks, 2019 will likely see attackers improve their expertise to overcome standard DDoS protection measures and bring overall complexity of this type of threat to the next level.

 

Although the number of attacks is decreasing, analysis from Kaspersky Lab experts has found that the average attack duration is growing. Compared with the beginning of the year, the average length of attacks has more than doubled –– from 95 minutes in Q1 to 218 minutes in Q4.

 

It is notable that User Datagram Protocol (UDP) or ping flood attacks (when the attacker sends a large number of UDP packets to the target’s server ports in order to overwhelm it and make it unresponsive for clients), which accounts for almost half (49%) of the DDoS attacks in 2018, were very short and rarely lasted more than 5 minutes.

 

Kaspersky Lab experts assume that the decline in the duration of UDP flood attacks illustrates that the market for easier-to-organize attacks is shrinking. Protection from DDoS attacks of this type is becoming widely implemented, making them ineffective in most cases. The researchers propose that attackers launched numerous UDP flood attacks to test whether a targeted resource is not protected. If it immediately becomes clear that attempts are not successful, malefactors stop the attack.

 

At the same time, more complex attacks (such as HTTP misuse) which require time and money, will remain long. As the report revealed, HTTP flood method and mixed attacks with HTTP component, which shares were relatively small (17% and 14%), constitute about 80% of DDoS attack time of the whole year.

 

“When most simple DDoS attacks do not achieve their aim, those people earning money by launching such attacks have two options. They can reconfigure the capacities required for DDoS attacks towards other sources of revenue, such as cryptomining. Alternatively, malefactors who orchestrate DDoS attacks have to improve their technical skills, as their customers will look for more experienced attackers. Given this, we can anticipate that DDoS attacks will evolve in 2019 and it will become harder for companies to detect them and stay protected,” said Alexey Kiselev, Business Development Manager of Kaspersky Lab DDoS Protection team.

 

Regarding results from the last quarter, the longest DDoS attack in Q4 lasted 329 hours (almost 14 days) – such a long attack was last registered at the end of 2015.

 

The top three counties which had the most conducted DDoS attack remain the same. China is again in first place but its share dropped significantly from 77.67% to 50.43%. The US remains second and third place is still occupied by Australia.

 

By target distribution, China still tops the list, but its share declined to 43.26% (70.58% in Q3).

 

In Q4, there have also been changes in the countries hosting the most C&C servers. As in the previous quarter, the US remained the leader, but the UK and the Netherlands came second and third, replacing Russia and Greece respectively. This is likely because of the number of active C&C Mirai servers increasing significantly in the aforementioned countries.

 

Kaspersky Lab recommends the following steps to protect an organization from DDOS attacks:

 

  • Train personnel to respond to such incidents in a proper way

 

  • Ensure that a company’s websites and web applications can handle high traffic

 

  • Use professional solutions to protect against attacks. For example, Kaspersky DDoS Protection combines Kaspersky Lab’s extensive expertise in combating cyberthreats and the company’s unique in-house developments. The solution protects against all types of DDoS attacks regardless of their complexity, strength or duration.

 

 


RECOMMENDED ARTICLE FOR TECHWORLD


 
Bitcoin Stealers Are Back: Hunt for Users’ Cryptosavings Continues
Techworld Date Posted: 17 November 2017 8:40 AM | 399 Views
Kaspersky Lab researchers have discovered a new malware which steals cryptocurrencies from a user’s wallet by replacing their address with its own in the device’s clipboard. Criminals are targeting popular cryptocurrencies such as Bitcoin,.... See More
 
Bitcoin Stealers Are Back: Hunt for Users’ Cryptosavings Continues
Techworld Date Posted: 8:40 AM | 399 Views
Kaspersky Lab researchers have discovered a new malware which steals cryptocurrencies from a user’s wallet by replacing their address with its own in the device’s clipboard. Criminals are targeting popular cryptocurrencies such as Bitcoin,...See More

 
2018 Cyber Security Predictions
Techworld Date Posted: 16 December 2017 12:00 PM | 670 Views
This past year, cyber criminals caused major service disruptions around the world, using their increasing technical proficiency to break through cyber defenses. See More
 
2018 Cyber Security Predictions
Techworld Date Posted: 12:00 PM | 670 Views
This past year, cyber criminals caused major service disruptions around the world, using their increasing technical proficiency to break through cyber defensesSee More

 
Personal Devices at Work
Techworld Date Posted: 15 August 2019 9:27 AM | 48 Views
Personal Devices at Work. See More
 
Personal Devices at Work
Techworld Date Posted: 9:27 AM | 48 Views
Personal Devices at WorkSee More

 
AOC Takes the Lead in the Philippine Market Share throughout 2017
Techworld Date Posted: 31 July 2018 3:45 PM | 1007 Views
The most recent report from the International Data Corporation (IDC), the world’s premiere global market intelligence firm, has confirmed that AOC under the Multi Media Display (MMD) group has retained its spot in Philippine.... See More
 
AOC Takes the Lead in the Philippine Market Share throughout 2017
Techworld Date Posted: 3:45 PM | 1007 Views
The most recent report from the International Data Corporation (IDC), the world’s premiere global market intelligence firm, has confirmed that AOC under the Multi Media Display (MMD) group has retained its spot in Philippine...See More

 
Transcend Announces Its Participation in Davao International Marathon 2019 – Powered by Taiwan Excellence
Techworld Date Posted: 4 March 2019 3:53 PM | 12 Views
Transcend Information Inc., a leading manufacturer of storage and multimedia products, is proud to announce its participation in the Davao International Marathon 2019 (DIM 2019) – Powered by Taiwan Excellence. See More
 
Transcend Announces Its Participation in Davao International Marathon 2019 – Powered by Taiwan Excellence
Techworld Date Posted: 3:53 PM | 12 Views
Transcend Information Inc., a leading manufacturer of storage and multimedia products, is proud to announce its participation in the Davao International Marathon 2019 (DIM 2019) – Powered by Taiwan ExcellenceSee More

 
Latest Nokia Smartphones Now in the Android Recommended Programme
Techworld Date Posted: 25 May 2019 5:10 PM | 55 Views
HMD Global, the home of Nokia phones, has announced that it now offers the largest and most-diverse range of “best-in-business” smartphones on Android™ with the addition of three new devices. The Nokia 9 PureView,.... See More
 
Latest Nokia Smartphones Now in the Android Recommended Programme
Techworld Date Posted: 5:10 PM | 55 Views
HMD Global, the home of Nokia phones, has announced that it now offers the largest and most-diverse range of “best-in-business” smartphones on Android™ with the addition of three new devices. The Nokia 9 PureView,...See More

 
DJI Develops Option for Pilots to Fly Without Internet Data Transfer
Techworld Date Posted: 16 August 2017 3:00 PM | 383 Views
DJI, the world's leader in civilian drones and aerial imaging technology, is developing a new local data mode that stops internet traffic to and from its flight control apps, in order to provide enhanced.... See More
 
DJI Develops Option for Pilots to Fly Without Internet Data Transfer
Techworld Date Posted: 3:00 PM | 383 Views
DJI, the world's leader in civilian drones and aerial imaging technology, is developing a new local data mode that stops internet traffic to and from its flight control apps, in order to provide enhanced...See More

 
F5 Named a WAF Leader by Independent Research Firm
Techworld Date Posted: 5 September 2018 3:35 PM | 212 Views
F5 Networks (NASDAQ: FFIV) just announced that it has been named a Leader in the Forrester Wave™: Web Application Firewalls, Q2 2018 report, published June 25, 2018. . See More
 
F5 Named a WAF Leader by Independent Research Firm
Techworld Date Posted: 3:35 PM | 212 Views
F5 Networks (NASDAQ: FFIV) just announced that it has been named a Leader in the Forrester Wave™: Web Application Firewalls, Q2 2018 report, published June 25, 2018. See More

 
Intensified Financial Hunting by Lazarus Group Marked by Fake Supply Chain Attacks, MacOS Malware
Techworld Date Posted: 28 September 2018 4:04 PM | 323 Views
Kaspersky Lab reveals today that heightened cyberheist activity by the notorious Lazarus group will give rise to more fake supply chain attacks to deliver ever stealthier infections. The cybergang has also been discovered to.... See More
 
Intensified Financial Hunting by Lazarus Group Marked by Fake Supply Chain Attacks, MacOS Malware
Techworld Date Posted: 4:04 PM | 323 Views
Kaspersky Lab reveals today that heightened cyberheist activity by the notorious Lazarus group will give rise to more fake supply chain attacks to deliver ever stealthier infections. The cybergang has also been discovered to...See More

 
Botnet Activity in H1 2018: Multifunctional Bots Becoming More Widespread
Techworld Date Posted: 3 September 2018 5:14 PM | 21 Views
Kaspersky Lab researchers have published a report on botnet activity in the first half of 2018, analyzing more than 150 malware families and their modifications circulating through 600,000 botnets around the world. . See More
 
Botnet Activity in H1 2018: Multifunctional Bots Becoming More Widespread
Techworld Date Posted: 5:14 PM | 21 Views
Kaspersky Lab researchers have published a report on botnet activity in the first half of 2018, analyzing more than 150 malware families and their modifications circulating through 600,000 botnets around the world. See More


Power by

Download Free AZ | Free Wordpress Themes