DDoS-as-a-Service Websites Returning in 2019: Did the FBI Crackdown Only Delay the Inevitable?

DDoS attacks are one of the most damaging
forms of cyberattacks. These attacks use massive botnets to target all kinds of
websites, online services, and the like. In recent years, a trend of DDoS-for-hire
websites emerged, where anyone could employ a botnet for conducting their own
attacks or pay hackers to do it for them. The trend became so big that the FBI
itself reacted, entering a collaboration with numerous other agencies around
the world to conduct a major crackdown.

The crackdown resulted in the closure of multiple
such websites and numerous arrests, and was considered a major success that
crippled the DDoS-as-a-service trend. However, it would seem that the victory
did not last for very long, as these websites started making a comeback in
2019, at least according to a recent Nexusguard report, the “Q1 2019 Threat Report.”

The FBI crackdown happened in Q4 2018, and
while many believed that DDoS attacks would diminish as a result — whether
because of the reduced number of DDoS-for-hire websites or because others might
lay low in fear of suffering the same fate — this did not happen. In fact, it
appears that their volume surged by 40 times compared to the previous quarter.
This makes DDoS one of the largest threats in 2019 as well.

Nexusguard’s Threat Report measured thousands
of DDoS attacks worldwide. The measurements showed that DNS amplification attacks
were mostly used against telcos and CSPs in Brazil, at least as far as this
quarter is concerned. One of the most notable targets was one of South
America’s largest banks, with over 17% of attacks directed against it.

These attacks are also known as ‘Bit and
piece’ attacks, because they are smaller than 1 Gbps. However, they
are still quite dangerous and damaging, and since the start of 2019, experts
have noticed that they are becoming more targeted and automated. Not only that,
but they have even managed to bypass detection in a great number of cases.

Since the attacks are evolving, researchers
from Nexusguard warned CSPs that they have to approach the attacks
with cloud-based, scalable DDoS detection and mitigation. This is the best way
to reduce the amount of damage that the attacks can cause. If they do not
address the attacks appropriately, they could fall victim to them, and even
pass on malicious traffic, which could erode their customers’ confidence in
their safety.

Apart from the surge in DDoS attack services themselves, researchers have also noted a surge in the number of connected devices. It is clear that hackers are doubling their campaigns. This was also confirmed by Nexusguard’s CTO, Juniman Kasman, who said that it does not seem like DDoS campaigns will stop being a threat to organizations. In other words, businesses are the ones who will have to change, and make sure that their protections evolve in order to stand up to evolving attacks.

This is the only way to ensure the services’
uptime, as well as avoid damages — be they legal, reputational, or otherwise.

Nexusguard also points out that there is a
shift in the type of devices that the attackers are using for creating botnets,
many of which are now dominated by mobile devices. This has also allowed
botnets themselves to evolve into a new breed, and start causing a different
type of attack. The new form of attack has a maximum attack duration of more
than 40,000 minutes (over 27 days).

This may cause smartphone users to experience unnaturally slow performance of their devices, large spikes in data usage, as well as shortened battery life. All of these are signs that their devices are infected with malware, and are likely being used as part of a botnet. Researchers advise that phone users make sure that their devices are up to date, and that they have installed all the recent patches for their apps and for the system software itself.

Meanwhile, suspicious apps should be
uninstalled, and it is also recommended to have anti-virus or anti-malware
software installed, with regular scans. These methods are the best way to keep
phones clean of malware, viruses, and similar threats.