Distributed Denial of Service (DDoS) attacks are becoming increasingly sophisticated, persistent and more significant in scale, causing potential damage to the brand, productivity and the bottom line.
The increased dependence of organisations on internet connectivity and remote working during the COVID-19 crisis has increased the disruptive potential of DDoS attacks, which threaten to overthrow network infrastructure and business servers if proper mitigation strategies are not in place.
However, many businesses still do not consider DDoS a significant threat, primarily due to them being less frequent than other forms of cyber-attacks. Also, there is a perception that these attacks are politically motivated and are expensive to mitigate against.
But, in 2020, the world witnessed several attacks against the healthcare industry. The most significant one witnessed was the March 2020 denial-of-service attack against the US Health and Human Services Department operated by an unknown attacker amid the virus outbreak.
As per a Link11 report, DDoS attacks reached a record high in 2020. The number of DDoS attacks nearly doubled from February to September 2020 and were on average 98 per cent higher than in the same period in 2019.
DDoS Attacks against IoT Devices
With enterprises increasing their usage of IoT devices, threat actors have now found another area of technology for them to exploit. IoT devices, especially those that are unpatched and have weak passwords, are perfect targets for DDoS attacks.
Mirai is one of the first and best known such botnets, mainly used to launch joint DDoS attacks against IoT devices. In 2016, when Mirai’s developers publicly released the source code, other cybercriminals found ways to build new and improved botnets that could adapt.
Also Read: The Internet of Things: Top Seven IoT Influencers to Follow
DDoS-as-a-Service
Today, cybercriminals don’t need considerable technical skills to launch an attack, especially with malicious campaigns being put up on the dark web. This especially holds in the case of DDoS-as-a-Service. Anyone can easily rent DDoS toolkits for just a few dollars per month.
DDoS-as-a-Service sales are becoming more commonplace and are no longer just limited to the dark web, especially with more cybercriminals recognising this opportunity to make profits without risking exposure. Threat actors are also promoting their services on social media platforms like YouTube and Reddit by calling their products ‘stressors’ – designed to test a server’s robustness.
Extortion
Cybercriminals are also leveraging this technique for extortion by threatening DDoS attacks against organisations. Even though such attempts can fail if the organisation doesn’t take it seriously, a successful attack can overthrow server activity and operations, even when carried out by unsophisticated attackers.
Here are a few strategies to protect organisations against the latest techniques used in DDoS campaigns:
- Contingency Plan: Businesses must prepare a contingency plan. They need to analyse and determine their critical resources and services and ensure that they have an updated response plan to protect the necessary assets.
- Communication Channel: Organisations need to maintain a clear communication channel with their cloud and internet service providers as their support will be necessary during a DDoS attack.
- Knowledge Base: Businesses should build an extensive knowledge base of threat actor groups and their preferred techniques and strategies to help demystify impersonations and spoofs.
- Digital exposure: There should be a record of all the critical assets of an organisation and monitoring of the internet footprint so that companies are not taken by surprise by threat actors.
- IoT devices: Most importantly, organisations must protect their IoT devices by updating all the unpatched devices, using complex passwords, and keeping unsecured IoT devices off their leading working network.