A new
Kaspersky report
revealed
that Distributed Denial of Service (DDoS) attacks
increased steadily in the
third quarter of 2022, particularly those conducted by
professionals. The number of sophisticated attacks doubled, compared
to the same period last year, while the number of attacks by
hacktivists almost
vanished in the third quarter, following a notable rise in
the previous two
quarters. These and other findings are part of Kaspersky's
latest
quarterly DDoS report.
A
Distributed Denial of Service (DDoS) attack is designed to stop a website from
functioning normally or disrupt it completely. During an attack (which usually
targets government institutions, retail, financial, media and other
organizations) the victim loses customers due to the unavailability of their
website and their reputation suffers.
In
Q3 2022, the number of DDoS attacks of all types rose in relation to previous
reporting periods. According to Kaspersky experts, this is a standard picture:
a relatively calm summer is followed by a sharp surge in DDoS activity.
However, the overall number of DDoS attacks also rose by 47.87% compared to Q3
2021, while the number of smart, i.e. sophisticated and professionally
conducted attacks, doubled.
A comparative number of DDoS attacks:
Q3 2022 and Q3 2021 as well as Q2 2022. Data for Q2 2021 is taken as 100%
What
makes the third quarter more remarkable is the continuous drop in
non-professional attacks. Although hacktivists were quite passionate and
prolific in their DDoS attempts during the first half of 2022, in Q3 they switched
to other malicious activity. By Q3, the number of hacktivist DDoS attacks was
tending towards zero. Meanwhile, the number of high-quality professional
attacks, after a significant increase in Q1, remained at a high level. The targets
have not changed either; mainly in the financial and government sectors.
In terms of DDoS attack duration, there were no new
records. While Q2 was marked by the longest attack ever observed, Q3 was calmer.
On average, attacks lasted about eight hours, with the longest being just under
four days. Compared to the previous quarter, this figure seems rather modest,
but the figures are still immense. In Q3 of last year, the duration of DDoS
attacks was measured in minutes, not hours. The situation
remains challenging in this regard.
"Since the end of February, we have been
observing and thwarting an unusually high number of amateur hacktivist attacks,"
said Alexander Gutnikov, security expert at Kaspersky. "However, the number of
these kinds of attacks has been gradually declining and by the end of Q3 had
returned to normal levels. During this period, we observed plenty of sophisticated
attacks aimed at reaching clearly defined goals: for example, to cut media
outlets off, or even suspend general operations of government organizations."
Read more about DDoS attacks in Q3 2022 on Securelist.
To stay protected against DDoS attacks, Kaspersky's
experts recommend implementing the following measures:
-
Maintain web resource operations by assigning
specialists who understand how to respond to DDoS attacks.
-
Validate third-party agreements and contact
information, including those made with internet service providers. This helps
teams quickly access agreements in case of an attack.
-
Implement professional solutions to safeguard your
organization against DDoS attacks. For example, Kaspersky DDoS Protection
combines Kaspersky's extensive expertise in combating cyberthreats and the
company's unique in-house solutions.
-
Know your traffic. Use network and application
monitoring tools to identify traffic trends and tendencies. By understanding
your company's typical traffic patterns and characteristics, you can establish
a baseline to more easily identify unusual activity that is symptomatic of a
DDoS attack.
-
Have a restrictive Plan B defensive posture ready to
go. Be in a position to rapidly restore business-critical services in the face
of a DDoS attack.