Analysis he revealed that the number of attacks prevented by Kaspersky DDoS Protection in the fourth quarter of 2018 amounts to only 56% of the attacks detected in the fourth quarter of 2019.
Further research into botnet activities reveals that about 28% of attacks take place on weekends, with the share of attacks on Sundays increasing by 2,5 points, reaching 13%. The above findings come from Kaspersky's investigation into DDoS attacks in the fourth quarter of 2019.
In the fourth quarter of 2019, several DDoS were performed large-scale attacks, which includes one against economic institutions of South Africa, Singapore and the Nordic countries. These cyberattacks also targeted the UK Labor Party in an attempt to disrupt its digital systems, as well as Minecraft servers in the Vatican.
This shows that DDoS remains a common attack tactic among cybercriminals seeking financial gain or ideological motives, so organizations need to be prepared for such attacks and realize that they are evolving.
The research points out that the dominant trend during the last quarter of 2019 was the increased activity of botnets on Sundays. While the increase may seem relatively small (2,5 points), the DDoS rate on this day of the week was otherwise consistently the lowest in the rest of the year (about 11% of attacks in the first and third quarters, 10 % in the second).
In the fourth quarter, Thursday turned out to be the day with the least DDoS activity. In general, the distribution of attacks during the week is now more balanced. The analysis shows that the difference between the most intense and the quietest day was only 2,5 points (in the previous quarter, the corresponding number was 7 points).
Distribution of DDoS attacks per day of the week in 2019
Although the number of DDoS attacks detected by Kaspersky DDoS Protection has increased significantly compared to the same period in 2018, the increase compared to the third quarter of 2019 is minimal (attacks in the third quarter of 2019 correspond to 92 % of the fourth quarter of 2019).
There was a more noticeable increase in so-called and "smart" DDoS attacks (as attacks in the third quarter of 2019 were 73% of attacks in the fourth quarter of 2019), which focus on application overlay and are executed by skilled criminals.
This increase was quite predictable, as the period from November to December is traditionally popular for online, commercial activity. However, Kaspersky experts did not find any peak of actions on Black Friday or shopping days during the Christmas holidays.
"Despite the significant increase in general, this period turned out to be calmer than expected. We believe that we did not observe a number of attacks on specific days because the companies divided their activities in time in order to maintain the interest of the customers throughout the holidays. So, there is no need for cybercriminals to plan an attack on a specific event. However, attackers can still find a way to disrupt your free time, as cybercrime is not a typical 9-5 schedule, so it is important to ensure that the DDoS prevention solution you apply can automatically protect cybercriminals. your assets ", comments Alexey Kiselev, Business Development Manager at Kaspersky DDoS Protection.
To help organizations protect themselves from DDoS attacks on weekends and during peak times of the year, Kaspersky recommends the following steps:
- Carry out endurance tests and web application tests with employees from within the company or with the help of external experts, in order to identify the weakest points in the company's infrastructure.
- Assign specialist web resource maintainers. Make sure they know how to respond to DDoS attacks and how they are prepared to respond to them outside of their scheduled business hours.
- Verify agreements with third parties and contact information. These include agreements with an internet provider so that you can contact them immediately in the event of an attack.
- Apply professional solutions to protect the body from attacks.