Distributed denial of service attacks are on the rise across the globe, as opportunistic Dark Web dealers increasingly sell hacking-as-a-service products, according to a new threat intelligence report compiled by Imperva, a California-based cybersecurity firm.
The company measured threats faced by its customers during a roughly one-year time period, seeing a 211 percent year-over-year increase in attacks.
More commonly known as DDoS attacks, they are designed to flood servers with artificial internet traffic that causes access interruption to websites or network systems.
The firm largely attributed this apparent growth to the establishment of several botnet operations — which serve as a platform to automate and increase attack volume — and malicious actors’ ability to access greater bandwidth to help generate and use such weapons. Dark Web dealers are using these botnets, according to Imperva, to offer more effective cyber tools to would-be customers.
“The amount of traffic, or bandwidth, that is able to be generated and used as a weapon is at an all-time high. This is likely the result of more compromised machines with higher bandwidth,” Imperva Vice President Tim Matthews told FedScoop.
In short, hackers are able to launch denial of service attacks by manipulating a hosting provider to re-route IP addresses towards a preferred server.
Those DDoS attacks recorded by Imperva — recorded between March 2015 and April 2016 — targeted a diverse range of clients. Even so, all of the attacks similarly aimed to disrupt each organization’s digital operations at one of two distinct levels: application or network.
To be clear, an application-based DDoS effectively works to discontinue online access to a specific property, like a website or software service, rather than an entire network.
Because app-based DDoS attacks are by nature less expansive, they typically leverage less traffic. In the past, DDoS-ing an entire network has presented a challenge for hackers due to the sheer artificial traffic required to pull it off. But Imperva’s new report suggests that botnets are significantly changing this dynamic; making it easier for individual operations to disrupt larger segments of the internet.
Another worrisome trend in the DDoS arena, spotted by Imperva, is that when a target gets hit once, it should prepare for another wave. Data shows that 40 percent of affected targets were attacked more than once, while 16 percent were targeted more than five times.
In the past, DDoS attacks have been used to distract an organization from a more malicious data breach, leading to the possible exfiltration of valuable data like customer finances and personal records.
Here’s what a DDoS looks like via a data visualization by cybersecurity firm Norse: