In the first quarter of 2019, the number of DDoS attacks increased by 84%, compared with Q4 2018, according to Kaspersky. In particular, there has been outstanding growth in the amount of attacks that lasted more than an hour, along with the average duration of such attacks. Figures from Kaspersky Lab’s DDoS Q1 2019 report show that there has been a resurgence in DDoS methods, with malefactors focusing on longer attacks.
Last year the number of DDoS attacks was constantly falling, leading Kaspersky Lab experts to assume that cybercriminals who had been conducting DDoS attacks for financial gain had shifted their attention to other sources of income (such as crypto-mining). However, statistics for Q1 2019 contradict this trend and show that the number of DDoS attacks blocked by Kaspersky DDoS Protection has actually grown by a staggering 84%, when compared to Q4 2018. This figure could indicate that such attacks were still in demand, despite being inaccessible when popular DDoS marketplaces were taken down. Once new DDoS-for-Hire websites launched, the number of attacks grew exponentially as a result.
The most noticeable area of growth can be found in DDoS attacks that lasted for more than an hour. These incidents doubled in quantity and their average length increased by 487%. These statistics confirm Kaspersky Lab experts’ hypothesis that hackers are evolving their techniques and are now able to launch longer attacks, which are harder to organize.
“The DDoS attack market is changing. New DDoS services appear to have replaced ones shut down by law enforcement agencies. As organizations implement basic countermeasures, attackers target them with long-lasting attacks. It is difficult to say if the number of attacks will continue to grow, but their complexity is showing no signs of slowing down. We recommend that organizations prepare themselves effectively, in order to withstand sophisticated DDoS attacks,” comments Alexey Kiselev, Business Development Manager on the Kaspersky DDoS Protection team.
„In the previous three quarters, we saw some unexpected arrivals in several Top 10s — countries with no major track record as a source of DDoS threats suddenly asserted themselves. But Q1 2019 held no particular surprises, save for countries such as Saudi Arabia, the Netherlands, and Romania maintaining a high level of DDoS activity; in other words, their appearance in the Top 10s cannot be put down to random deviations. „, Kaspersky said.
Distribution of botnet C&C servers by country, Q1 2019
„Tendinţele pe care le-am remarcat înainte de începerea pandemiei s-au accelerat pe perioada stării de urgenţă. Am văzut acest lucru ca o oportunitate, un tipping point pentru bancă. Post-pandemie nu avem cum sa ne întoarcem la comportamentul financiar pe care îl aveam până în februarie a.c. Relaţia românilor cu online-ul s-a schimbat. In plus, cardul fizic se va dematerializa. Vom asista la o scădere a cererii pentru cardurile fizice, respectiv la o creştere a preferinţei pentru componenta digitală a acestora.”