itb-nz logo
Story image

DDoS attacks on the rise despite taking a summer break 

A new report from cybersecurity firm Kaspersky has revealed that while number of DDoS attacks is growing, attacks are fewer during the summer months with a reduction in activity.

Kaspersky’s DDoS Q2 2019 report found that in the second quarter of 2019, the total number of DDoS attacks grew by 18%, compared to the same period in 2018. 

Application-layer attacks, which are more difficult to organise and protect against, showed significant growth – increasing in quantity by a third (32%) compared with Q2 2018. As a result, they now constitute almost half (46%) of all attacks prevented by Kaspersky DDoS Protection. 

Meanwhile, according to the report, the number of attacks in the second quarter of 2019 is 44% less than in Q1, which Kaspersky says is not unexpected as such attacks usually reduce in activity in late spring and summer. 

However, compared with the same period last year, the quantity of DDoS attacks in Q2 increased by 18% and by 25% when compared with Q2 2017.

Notably, the seasonal decrease only had a negligible effect on the number of attacks on the application layer, reducing by just 4% compared to the previous quarter, the report found. 

These type of attacks target certain functions or APIs of applications in order to consume not only the network, but server resources as well. They are also harder to detect and protect from, as they include the performing of legitimate requests, the cyber security firm explains. 

When compared with Q2 2018, the quantity of these type of attacks has increased by nearly a third (32%) and the share of such attacks in Q2 2019 rose to 46%. This is a 9% increase in share than the first quarter of the year, and 15% more in the same period of 2018.

“Traditionally, troublemakers who conduct DDoS attacks for fun go on holiday during the summer and give up their activity until September,” says Alexey Kiselev, business development manager on the Kaspersky DDoS Protection team.

“However, the statistics for this quarter show that professional attackers, who perform complex DDoS attacks, are working hard even over the summer months.”

Kiselev says this trend is worrying for businesses. 

“Many are well protected against high volumes of junk traffic, but DDoS attacks on the application layer require to identify illegitimate activity even if its volume is low,” Kiselev says 

“We therefore recommend that businesses ensure their DDoS protection solutions are ready to withstand these complex attacks.” 

Kiselev says the analysis of commands received by bots from command and control (C&C) servers revealed that the longest DDoS attack of Q2 2019 lasted 509 hours – almost 21 days. 

“This is the lengthiest attack since Kaspersky started to monitor botnet activity in 2015. Previously, the longest attack lasted 329 hours and was registered in Q4 2018.”

To help organisations protect themselves from DDoS attacks, Kaspersky recommends taking the following steps:

  • Ensure that web and IT resources can handle high traffic
  • Use professional solutions to protect the organisation against attacks. 
Link image
RSA offers cutting edge authentication software free
Secure authentication has never been more important now that remote working is the norm. Leverage biometrics, push notification and multi-factor authentication for free now.More
Story image
How data warehouses have become the new data lakes for business
While data lakes are great when it comes to storage, they don’t perform well when it comes to analysis and reporting. The vast volumes and multiple formats mean that traditional data warehouse tools are unsuitable and another approach needs to be found.More
Story image
Acronis appoints new APAC General Manager and launches Partners Programme
One of Morarji’s first objectives has been to launch the new Acronis Partner Programmes in APAC, in which the Acronis team will help channel partners and managed service providers (MSPs) expand their portfolios and deliver fast ROI.More
Link image
Business continuity taking a hit? It doesn't have to
The rapid developments in a world with COVID-19 makes business continuity difficult. Connect your workforce remotely, securely and easily with Westcon-Comstor.More
Story image
You're virtually invited: How the smartest organisations manage Office 365 and Microsoft Teams
If you’re starting your digital transformation journey or want to find out more about how you can boost your Office 365 productivity, this is your chance to take advantage of expert advice - free.More
Story image
Govt widens 'essential products' to include tech goods
New Zealand businesses are now able to sell ‘essential’ non-food consumer products such as computer equipment and mobile phones, while the country remains at Alert Level 4 lockdown.More