In the first quarter of 2019, the number of DDoS attacks increased by 84%, compared with Q4 2018, according to Kaspersky. In particular, there has been outstanding growth in the amount of attacks that lasted more than an hour, along with the average duration of such attacks. Figures from Kaspersky Lab’s DDoS Q1 2019 report show that there has been a resurgence in DDoS methods, with malefactors focusing on longer attacks.
Last year the number of DDoS attacks was constantly falling, leading Kaspersky Lab experts to assume that cybercriminals who had been conducting DDoS attacks for financial gain had shifted their attention to other sources of income (such as crypto-mining). However, statistics for Q1 2019 contradict this trend and show that the number of DDoS attacks blocked by Kaspersky DDoS Protection has actually grown by a staggering 84%, when compared to Q4 2018. This figure could indicate that such attacks were still in demand, despite being inaccessible when popular DDoS marketplaces were taken down. Once new DDoS-for-Hire websites launched, the number of attacks grew exponentially as a result.
The most noticeable area of growth can be found in DDoS attacks that lasted for more than an hour. These incidents doubled in quantity and their average length increased by 487%. These statistics confirm Kaspersky Lab experts’ hypothesis that hackers are evolving their techniques and are now able to launch longer attacks, which are harder to organize.
“The DDoS attack market is changing. New DDoS services appear to have replaced ones shut down by law enforcement agencies. As organizations implement basic countermeasures, attackers target them with long-lasting attacks. It is difficult to say if the number of attacks will continue to grow, but their complexity is showing no signs of slowing down. We recommend that organizations prepare themselves effectively, in order to withstand sophisticated DDoS attacks,” comments Alexey Kiselev, Business Development Manager on the Kaspersky DDoS Protection team.
„In the previous three quarters, we saw some unexpected arrivals in several Top 10s — countries with no major track record as a source of DDoS threats suddenly asserted themselves. But Q1 2019 held no particular surprises, save for countries such as Saudi Arabia, the Netherlands, and Romania maintaining a high level of DDoS activity; in other words, their appearance in the Top 10s cannot be put down to random deviations. „, Kaspersky said.
Distribution of botnet C&C servers by country, Q1 2019
„Though Libra has met with fierce resistance from central banks and supervisory authorities and might never see the light of day, in many other cases tech firms (both start-ups and established big players) have successfully captured bits and pieces of universal banks’ traditional value chain. This trend may only intensify in the coming years. In this environment, European banks remain squeezed.”