The second quarter of 2017 was proof that the long-term attacks DDoS ανέλαβαν ξανά δράση. Η μεγαλύτερη επίθεση του τριμήνου ήταν ενεργή για 277 ώρες (περισσότερο από 11 ημέρες) – μέγεθος αυξημένο κατά 131% σε σχέση με το πρώτο τρίμηνο. Αυτό αποτελεί μέχρι στιγμής μέγεθος ρεκόρ για το έτος, όπως αναφέρει η έκθεση των ειδικών της Kaspersky Lab on DDoS botnet attacks for the second quarter of 2017.
Duration was not the only feature of DDoS attacks between April and June. There is also a dramatic change in the geography of incidents, as in the second quarter, organizations with electronic resources have been attacked in 86 countries (compared to 72 countries in the first quarter). The 10 countries most affected were China, South Korea, the United States, Hong Kong, the United Kingdom, Italy, the Netherlands, Canada and France - with Italy and the Netherlands replacing Vietnam and Denmark.
DDoS targets included one of the largest news agencies, Al Jazeera, the Le Monde and Figaro newspaper websites and allegedly the Skype servers. In the second quarter of 2017, the increase in the proportions of cryptocurrencies has also led digital criminals to try to manipulate prices through DDoS. Bitfinex, Bitcoin's largest trading exchange, was attacked simultaneously with the start of trading with a new cryptocurrency, the so-called IOTA token. Earlier, the BTC-E exchange reported a slowdown due to a strong DDoS attack.
Το ενδιαφέρον των διοργανωτών των επιθέσεων DDoS σε μετρητά υπερβαίνει τον χειρισμό των αναλογιών των cryptocurrencies. Η χρήση αυτού του τύπου επίθεσης για να αποσπούν χρήματα μπορεί να είναι επωφελής, όπως δείχνει και η τάση των Ransom DDoS ή RDοS. Οι ψηφιακοί εγκληματίες στέλνουν συνήθως ένα μήνυμα στο θύμα ζητώντας του ransom που κυμαίνονται από 5 έως 200 bitcoins. Εάν η εταιρεία αρνείται να πληρώσει, οι επιτιθέμενοι απειλούν να οργανώσουν μια επίθεση DDοS σε έναν κρίσιμο και σημαντικό διαδικτυακό πόρο του θύματος. Τέτοια μηνύματα μπορούν να συνοδεύονται από σύντομης διάρκειας επιθέσεις DDοS για να επιβεβαιώσουν ότι οι απειλές είναι όντως πραγματικές. Στα τέλη Ιουνίου, πραγματοποιήθηκε μια μακράς διάρκειας επίθεση RDoS από την ομάδα Armada Collective, η οποία απαίτησε περίπου 315.000 δολάρια από επτά τράπεζες της Νότιας Κορέας.
However, there is always another way that has become more popular in the last three months - Ransom DDoS without any DDoS. Fraudsters send threatening messages to a large number of companies in the hope that someone will decide to be safe rather than regret it later. Attack demonstrations may never happen, but if only one company decides to pay, it will bring profit to digital criminals with little effort.
“Today, it is not only experienced hi-tech groups of digital criminals who can attack with Ransom DDoS. Any scammer who has neither the technical knowledge nor the ability to mount a full-scale DDoS attack can purchase a demo attack for extortion purposes. These people mostly choose companies that do not protect their resources from DDoS in any way and therefore can easily be persuaded to pay a ransom with a simple demonstration," comments Kirill Ilganaev, Head of Kaspersky DDoS Protection of Kaspersky Lab.
Kaspersky Lab experts warn that if a victim company decides to pay, it can cause long-term damage other than direct monetary losses. The reputation of the payer quickly spreads through the networks and can cause further attacks by other digital criminals.
Kaspersky DDoS Protection combines Kaspersky Lab's extensive expertise in combating digital threats with the unique developments within the company. The solution protects from all types attacks DDoS, regardless of their complexity, strength or duration.
* The DDoS Intelligence system (part of Kaspersky DDοS Protection) is designed to monitor and analyze commands sent to bots by command and control servers (C & C) and does not have to wait until the user's devices are "infected" or until execute digital criminals' data collection orders. It is important to note that DDoS Intelligence statistics are limited to botnets detected and analyzed by Kaspersky Lab.
