Further research into botnet activities reveals that about 28% of attacks take place on weekends, with the share of attacks on Sundays increasing by 2,5 points, reaching 13%. The above findings come from Kaspersky's research on DDoS attacks in the fourth quarter of 2019.
In the fourth quarter of 2019, several took place DDoS large-scale attacks, which includes one against economic institutions of South Africa, Singapore and the Nordic countries. These cyberattacks also targeted the UK Labor Party in an attempt to disrupt its digital systems, as well as Minecraft servers in the Vatican.
This testifies that the DDoS It remains a common attack tactic among cybercriminals seeking financial gain or ideological motives, so organizations need to be prepared for such attacks and understand how they are evolving.
The research points out that the dominant trend during the last quarter of 2019 was the increased activity of botnets on Sundays. While the increase may seem relatively small (2,5 points), the percentage DDoS attacks on that particular day of the week were otherwise consistently the lowest in the rest of the year (about 11% of attacks in the first and third quarters, 10% in the second).
In the fourth quarter, Thursday turned out to be the day with the smallest DDoS activity. In general, the distribution of attacks during the week is now more balanced. The analysis shows that the difference between the most intense and the quietest day was only 2,5 points (in the previous quarter, the corresponding number was 7 points).
Distribution of attacks DDoS per day of the week in 2019
Although the number of DDoS attacks detected by Kaspersky DDoS Protection has increased significantly compared to the same period of 2018, the increase compared to the third quarter of 2019 is minimal (attacks in the third quarter of 2019 correspond to 92% of the fourth quarter of 2019).
There has been a more noticeable increase in so-called "smart" DDoS attacks (as attacks in the third quarter of 2019 were 73% of attacks in the fourth quarter of 2019), focusing on application overlap and carried out by skilled criminals.
This increase was quite predictable, as the period from November to December is traditionally popular for online, commercial activity. However, Kaspersky experts did not find any peak of actions on Black Friday or shopping days during the Christmas holidays.
"Despite the significant increase in general, this period turned out to be calmer than expected. We believe that we did not notice a number of attacks on specific days because the companies divided their activity in time in order to maintain the interest of the customers throughout the holidays. So, there is no need for cybercriminals to plan an attack on a specific event. However, attackers can still find a way to disrupt your free time, as cybercrime is not a typical 9-5 hour job, so it is important to ensure that the solution DDoS prevention can automatically protect your online assets ", comments Alexey Kiselev, Business Development Manager at Kaspersky DDoS Protection.
To help organizations protect themselves from DDoS attacks on weekends and during popular times of the year, Kaspersky recommends the following steps:
- Carry out endurance tests and web application tests with employees from within the company or with the help of external experts, in order to identify the weakest points in the company's infrastructure.
- Assign specialists in charge of maintaining the functions of internet resources. Make sure they know how to react in the event DDoS attacks and how they are prepared to respond to them outside of their scheduled working hours.
- Verify agreements with third parties and contact information. These include agreements with an internet provider so that you can contact them immediately in the event of an attack.
- Apply professional solutions to protect the body from attacks.