A surge in hacktivist activity related to the Russia-Ukraine war has been blamed for a significant rise in distributed denial of service (DDoS) attacks in Q1 2022.
Compared with the same period in 2021, Kaspersky researchers said the number of DDoS attacks was 4.5 times greater in 2022 than last year, with “an unprecedented duration of DDoS sessions” also observed.
The figures from 2021 were considered, at the time, to be the all-time highest number of detections by researchers but the figures have now been dwarfed thanks to hacktivists as well as efforts to mimic popular websites to gamify DDoS attacks on Russian websites, Kaspersky said.
These types of targeted attacks have been labelled as ‘smart attacks’ by Kaspersky, a form which has also risen considerably to the tune of 81%. These “were not only performed at scale but were also innovative,” the researchers said.
“In Q1 2022 we witnessed an all-time high number of DDoS attacks,” said Alexander Gutnikov, security expert at Kaspersky to IT Pro. “The upward trend was largely affected by the geopolitical situation. What is quite unusual is the long duration of the DDoS attacks, which are usually executed for immediate profit. Some of the attacks we observed lasted for days and even weeks, suggesting that they might have been conducted by ideologically motivated cyberactivists.
“We’ve also seen that many organisations were not prepared to combat such threats. All these factors have caused us to be more aware of how extensive and dangerous DDoS attacks can be. They also remind us that organisations need to be prepared against such attacks.”
The duration of some of the attacks is noteworthy and far longer than what is normally reported. DDoS attacks are typically categorised by the ‘size’ of them - the amount of traffic involved in the attack, represented in terms of the amount of data. DDoS attacks are rarely measured by their duration but Kaspersky said the longest in this analysis was 549 hours - longer than three weeks.
Not only are lengthy attacks expensive, but they can expose the botnet used to launch the DDoS attack. Usually, DDoS attackers take care not to launch costly, ineffective attacks - most of the attacks Kaspersky analysed (94.95%) lasted less than 4 hours - but this has not been the case so far this year.
RELATED RESOURCE
The truth about cyber security training
Stop ticking boxes. Start delivering real change.
In the case of the hacktivists, Kaspersky said the sustained attacks (longer than one day) were mainly targeting government agencies and banks - further signalling that the attacks were not financially motivated.
In a country-by-country breakdown, Kaspersky did not list the data of attacks against Russia, showing that the US received the most attack attempts with 44.34% of all attacks directed at the country.
Although it did not provide the data on Russia, Kaspersky said many Russian organisations were unprepared for the targeting they received and the company was inundated with requests for help from companies already under attack.
-
Should AI PCs be part of your next hardware refresh?AI PCs are fast becoming a business staple and a surefire way to future-proof your business
-
Westcon-Comstor and Vectra AI launch brace of new channel initiativesNews Westcon-Comstor and Vectra AI have announced the launch of two new channel growth initiatives focused on the managed security service provider (MSSP) space and AWS Marketplace.
-
UK crime fighters wrangle “several thousand” potential cyber criminals in DDoS-for-hire honeypotNews The sting follows a recent crackdown on DDoS-for-hire services globally
-
US begins seizure of 48 DDoS-for-hire services following global investigationNews Six people have been arrested who allegedly oversaw computer attacks launched using booters
-
Will triple extortion ransomware truly take off?In-depth Operators are now launching attacks with three extortion layers, but there are limitations to this model
-
GoDaddy web hosting reviewReviews GoDaddy web hosting is backed by competitive prices and a beginner-friendly dashboard, and while popular, beware of hidden prices
-
Japan investigates potential Russian Killnet cyber attacksNews The hacker group has said it’s revolting against the country’s militarism and that it’s “kicking the samurai”
-
LockBit hacking group to be 'more aggressive' after falling victim to large-scale DDoS attackNews The ransomware group is currently embroiled in a battle after it leaked data belonging to cyber security company Entrust
-
Record for the largest ever HTTPS DDoS attack smashed once againNews The DDoS attack lasted 69 minutes and surpassed the previous record of 26 million RPS
-
Cloudflare unveils new One Partner Program with zero trust at its coreNews Cloudflare CEO Matthew Prince says the initiative aims to take the complexity out of zero trust architecture
