Prepare for DDoS attack despite slight lull in summer, warns Kaspersky
According to Kaspersky’s report on DDoS (distributed denial-of-service) attacks, the second quarter experienced 44 per cent fewer attacks, which was not unexpected because such attacks usually dwindle in late spring and summer.
However, compared to the same period last year, DDoS attacks in the second quarter this year rose by 18 per cent and by 25 per cent compared to the same period in 2017.
The report also showed that this seasonal decrease only had a negligible effect on the number of attacks on application layers, dropping by just 4 per cent compared to the previous quarter. These attacks target certain functions of applications that consume not just the network, but also server resources. They are also more difficult to detect and be protected from as they include the performing of legitimate requests.
When compared with the second quarter of 2018, the quantity of these attacks has increased by nearly a third (32 per cent) and the share of such attacks in the second quarter of this year rose to 46 per cent. This marks a 9 per cent increase compared to the first quarter this year and is 15 per cent more than in the same period of 2018.
“Traditionally, the troublemakers who launch DDoS attacks for fun go on holiday during the summer and give up their activity until September. However, statistics for this quarter show that professional attackers, who perform complex DDoS attacks, are working hard even over the summer months. This trend is rather worrying for businesses. Many are well protected against high volumes of junk traffic, but DDoS attacks on the application layer require to identify illegitimate activity even if its volume is low. We therefore recommend that businesses ensure their DDoS protection solutions are ready to withstand these complex attacks,” said Alexey Kiselev, business development manager on the Kaspersky DDoS Protection team.
An analysis of commands received by bots from command and control servers revealed that the longest DDoS attack in the second quarter of this year lasted 509 hours or nearly 21 days. This is the lengthiest attack since Kaspersky started monitoring botnet activity in 2015. Previously, the longest attack lasted 329 hours and was registered in the fourth quarter of 2018.
To help organisations protect themselves from DDoS attacks, Kaspersky recommends the following:
• Ensure that your web and IT resources can handle high traffic;
• Use professional solutions to protect the organisation against attacks.