DDoS-for-hire websites make a comeback despite FBI crackdown, according to Nexusguard Threat Report

June, 21/2019 - 07:18
DDoS-for-hire websites make a comeback despite FBI crackdown, according to Nexusguard Threat Report

Telcos and communications service providers (CSPs) will need to take advanced precautions against “bit and piece” DDoS attacks


SAN FRANCISCO, UNITED STATES - Media OutReach -25 June 2019 - DDoS attacks "for hire" made a comeback in the beginning of theyear, with booter-originated attacks rebounding to more than double theiramounts in Q4 2018, according to Nexusguard's "Q1 2019 Threat Report." Despite the earlier FBIcrackdown, the DNS amplification types of DDoS attacks continued to be afavorite of DDoS-for-hire websites, soaring more than 40 times their volumecompared to last quarter. The resurgence of DDoS-as-a-service and the growingbotnets reinforce the evolving cyber threat of DDoS attacks for enterprises andcommunications service providers (CSPs).

The quarterly report, which measures thousands of DDoS attacksaround the world, revealed DNS amplification attacks were also the mostfrequently employed against CSPs and telcos in Brazil this quarter. One of thelargest banks in South America bore the brunt of these Brazilian DNSamplification attacks--more than 17% of all attacks. "Bit and piece" types of attacks,or DDoS attacks that were smaller than one Gbps in size, continued to causeissues in the beginning of 2019 by becoming more automated and targeted,bypassing detection. Nexusguard researchers warn that CSPs will need toapproach these evolved attacks with scalable, cloud-based DDoS detection andmitigation in order to reduce potential damages. CSPs that fall victim tobit-and-piece attacks and unknowingly pass on malicious traffic will risk underminingcustomer confidence.

"Due to the increasing demand for DDoS attack services and theboom in connected devices, hackers for hire have doubled and DDoS campaigns arenot going away for organizations," said Juniman Kasman, chief technologyofficer for Nexusguard. "Businesses will need to ensure their attackprotections can seamlessly evolve with new vectors and tactics that attackersseek out, which ensures service uptime, avoids legal or reputational damages,and preserves customer satisfaction."

Nexusguardfindings confirm the continued shift to the leverage of mobile devices inattacks, which has created a new breed of botnets that caused the maximumattack durations to spike to more than 40,000 minutes at a time, or more than27 days. People who experience sluggish performance, surges in data usage ornoticeable decrease in smartphone battery life may be seeing warning signs ofmalware. Smartphone users should keep devices up to date with the latestpatches, uninstall suspicious apps and run anti-virus software as a few ways tostay safe from malware.

Nexusguard'squarterly DDoS threat research gathers attack data from botnet scanning, honeypots,CSPs and traffic moving between attackers and their targets to help companiesidentify vulnerabilities and stay informed about global cyber security trends. Readthe full "Q1 2019 Threat Report" for more details.

About Nexusguard

Founded in 2008, Nexusguard is a leadingcloud-based distributed denial of service (DDoS) security solution providerfighting malicious internet attacks. Nexusguard ensures uninterrupted internetservice, visibility, optimization and performance. Nexusguard also enablescommunication service providers to deliver DDoS protection solution as aservice. Visit www.nexusguard.com for more information.