Botnet Growth Means That DDoS Attacks Are Ramping Up
Imagine if, one day, your personal details – your cell number, your work phone, your email and physical addresses, your social media, personal photos and geolocation – were suddenly posted on a prominent website with the request that anyone who saw them should do their best to contact you.
Instantly, your ability to operate normally ceases. Wherever you go, you’re stopped by people. Your phone rings constantly and the buzz of notifications sounds like a raging hornets’ nest. Forget about productivity; your day is ruined. And possibly the next day, too. And the one after that.
While the analogy isn’t totally accurate, it’s not a million miles away from the way that a botnet-based DDoS attack works. DDoS – an acronym for Distributed Denial of Service – is a malicious cyber attack that seeks to disrupt regular traffic patterns on a targeted service, network or server by inundating the target with massive amounts of fraudulent traffic. This is typically done using a botnet, a network made up of private computers or internet-connected devices that have been infected with malware, allowing them to be remotely controlled without their rightful owners’ permission. Such attacks are getting worse all the time.
Working to mitigate DDoS attacks should be a top priority for anyone in the cybersecurity space – or anyone who could be a victim of such attacks.
DDoS Attacks Ramp Up
As in the example given up top, what makes botnets scarily effective is the scale of a potential attack. Having your personal information posted on Twitter, for instance, could conceivably open you up to being bombarded by the tens of millions of people who use the microblogging and messaging platform on a regular basis. If only a fraction of them were to message you simultaneously, it would bring your day to a standstill.
However, an automated botnet DDoS attack is different. The record-breaking Mantis botnet, which was behind an enormous attempted attack in June, peaked at 26 million requests per second coming from 5,067 infected devices. This type of automated attack would be impossible for human actors to replicate.
While this number of devices is comparatively small, their ability to send out resource-guzzling HTTPS requests at a mind-bogglingly fast pace highlights how potentially effective DDoS attacks can be. The resulting attacks can significantly slow down victims’ online services – or even knock them offline altogether. Since outages cost big money (not to mention potentially dented customer loyalty), this can be extremely damaging.
While terrifying for everyday users, the rise of IoT (Internet of Things) devices has been a boon for those looking to launch DDoS attacks. Previously, attackers would have to infect personal computers in order to launch these attacks. However, the increased number of internet-connected devices, from smart thermostats or air quality checkers to smart locks and doorbells, means that the potential number of devices that can be targeted has exploded. Furthermore, new devices bring undiscovered vulnerabilities, compounded by the fact that many users remain blissfully ignorant about proper security for IoT devices. This means that installing patches or changing default passwords – actions that would be taken extremely seriously on a personal or work computer – can be neglected.
Attacks Are Evolving
Attackers, meanwhile, are continuing to evolve their attacks to find new ways to inflict damage. Although the high-level approach taken by DDoS attackers remains the same (overwhelm a target with huge quantities of fake traffic), the specific vectors used – whether it’s UDP fragmentation, SYN or ICMP floods, PSH ACK floods, or any number of other approaches – are constantly varied. With this comes a continuous series of new records for the severity of DDoS attacks.
For example, one report from April 2022 noted that DDoS attacks had reached a new all-time high in the first three months of the year, increasing 46 percent quarter-over-quarter. The number of targeted attacks increased by a whopping – and terrifying – 81 percent compared with the previous calendar quarter. For those who are targeted, the results can be devastating.
Using The Right Tools To Protect Against DDoS
Fortunately, tools are available to help mitigate the risk and threat of DDoS attacks – and these should be a major priority for any organization. Solutions like Web Application Firewalls (WAFs) can be crucial in protecting against attacks by blocking malicious traffic while still letting filtered traffic from genuine users get through to its destination. You can also use solutions that help absorb DDoS attacks, so that websites and online services are not overwhelmed and rendered inaccessible.
The threat posed by DDoS attacks is only going to get worse. Attacks are ramping up because, simply put, they work. Attackers know this, and in an increasingly digitized world will leverage this fact to cause disruption. But would-be victims aren’t powerless. There are means of safeguarding against DDoS. In 2022 (and, in all likelihood, well beyond this) there are few better cybersecurity investments you can make.