Distributed Denial of Service, also known as DDoS attacks, are not going away anytime soon. Despite several new countermeasure taken by cybersecuirty experts, there was an 18% year-on-year increase in the total number of DDOS attacks in Q2 2019 and 25% increase since Q2 2017, as per Kaspersky’s DDoS Q2 2019 report.
“Traditionally, troublemakers who conduct DDoS attacks for fun go on holiday during the summer and give up their activity until September. However, the statistics for this quarter show that professional attackers, who perform complex DDoS attacks, are working hard even over the summer months," Alexey Kiselev, business development manager, Kaspersky DDoS Protection team, warned in a press statement.
Expanding further on the findings, the Kaspersky points out that Application-layer attacks, an advanced form of DDOS attacks, increased by 32% compared to Q2 2018 and now account for 46% of all cyberattacks a prevented by Kaspersky. Primarily launched using IOT devices, Application-layer attacks are harder to detect as they use a botnet, comprising bots making seemingly legitimate requests, to carry out an attack against a victim’s server.
Many businesses are protected against high volumes of junk traffic, but DDoS attacks on the application layer require to identify illegitimate activity even if its volume is low. We therefore recommend that businesses ensure their DDoS protection solutions are ready to withstand these complex attacks," advises Kiselev.
The longest DDOS attack of Q2 209 lasted 509 hours, making it the longest such attack since 2015. The longest DDOS attack lasted 329 hours. This was measured based on the commands received by bots from command and control servers.
DDoS attacks are carried out by sending multiple requests with the objective of exceeding the website’s capacity to handle multiple requests and prevent them from performing as expected. This kind of attack is common against ecommerce sites, online gaming platforms and any website that provides online services.