DDoS researchers are among most DDoSed
NexusGuard's Q1 2016 report has found that one of the favorite targets of DDoS attackers are attack researchers
Geopolitical considerations remain key when thinking about international DDoS trends
Among the top targets for DDoS attacks are DDoS attack researchers. That's according to NexusGuard's latest Quarterly DDoS Report which notes “Q1 has been incredibly interesting”, continuing, “companies have increasingly become targets, and unexpectedly, the Number One target for DDoS attacks was DDoS researchers themselves.”
The report points to a company, Loryka LLC, which though protected by a DDoS mitigation service, was attacked nearly every day in 2016s first quarter. The 90 attacks launched against the company targeted the research page of the company even though the page contained no research information.
Another contender for most targeted was Hurricane Electric Inc, a US-based internet services company.
Terrence Gareau, the chief scientist at NexusGuard explained this finding simply. DDoSers attacker researchers “for the same reason Pablo Escobar bombed the unit investigating him in Bogota; criminals don't want to be monitored. Furthermore, they do not want to have to work harder to perform their scams so they try to institute fear into the good guys.“
The latest report covers the first quarter of 2016 and collects data from the company's “external hybrid darknet”, a network of internet connected devices all over the world which in turn collect information on local DDoS activity.
The last report showed an overwhelming prevalence in global DDoS attacks targeting Turkey, chalking the country's DDoS storm up to the country's recent geopolitical interventions including the downing of a Russian jet in late 2015.
This, the report notes, turned out to be a fluke, with world powers once again ascending to the top spot of most targeted. “This level of DDoS-activity”, Gareau told SC, “was completely out of the norm and we don't anticipate we'll see a similar spike unless tensions return.”
Perhaps predictably, the US came out again as the most DDoSed country by quite some way, followed by China.
Still, the report maintains geopolitical considerations are a deciding factor here. The report predicts “the same distribution next quarter, provided that there are no geopolitical conflicts impacting DDoS-prone countries.
Remaining on the geopolitical point, the report adds that the DDoSers of the world are continuing to focus on the Middle East. Gareau reminded SC that, “according to the Internet world stats, the Middle East has an above average Internet user penetration, which leads to more people using it in their everyday life and as a result also being attacked.”
The DDoS attack is perhaps the favorite weapon in the hacker's arsenal. By using botnets, artificial networks of users, the attacker can flood a website with ghost users, thereby shutting down the site for legimate use.Concluding, the report makes mention of the fact that DDoS attacks are getting more serious: “Over the past few (months) there has been an evolution in the role of prey and predator, where the game of cat and mouse has become of seal versus the great white shark”. In fact DDoS, has taken more of the aspect of guerrilla warfare over the script-kiddie antics of yesteryear.