As Distributed Denial of Service (DDoS) attacks continue to rise in frequency, size and complexity this year, security firm Kaspersky Lab has found that cybercriminals sometimes use these attacks as a smokescreen to launch other attacks on businesses. According to recently released findings from the 2016 Kaspersky Lab Corporate IT Security Risks survey, security researchers found that more than half of businesses questioned were "confident that DDoS has been used as a smokescreen for other kinds of cybercrime."
Around 87% of respondents reported that they were also the victim of a targeted attack, the survey showed.
Businesses that were the target of a cyberattack found that DDoS attacks were a part of the tactics 29% of the time. One in four businesses that lost data due to a targeted cyberattack said they were hit by a DDoS attack.
"DDoS prevents a company from carrying on its normal activities by putting either public or internal services on hold," Kirill Ilganaev, head of DDoS protection at Kaspersky Lab, said. "This is obviously a real problem to businesses and is often 'all hands on deck' in the IT team, to try and fix the problem quickly, so the business can carry on as before. DDoS can therefore be used not only as an easy way to stop the activity of a company, but also as a decoy to distract IT staff from another intrusion taking place through other channels."
The survey found that during a DDoS attack that has been used by a threat actor as a decoy to launch other attacks, businesses have faced various other threats as well including losses and exploits through mobile devices, phishing scams and malicious activity by internal staff as well.
"The research shows us that DDoS attacks are often aligned with other threats," Ilganaev said. "Businesses therefore need to be aware of the full threat landscape, and be prepared to deal with multiple types of criminal activity at any time. Failure to do this could increase the collateral damage, on top of already significant losses caused by downtime and the resulting impact on reputation."
The report follows an array of massive DDoS attacks targeting various companies, sites and services across a wide range of sectors around the world. According to tech giant Akamai's State of the Internet report for Q3 2016, large DDoS attacks are on the rise with attacks greater than 110 GBPS seeing a 138% increase over the past year.
In October, hackers launched a massive Mirai botnet-powered DDoS attack on DNS provider Dyn that knocked a slew of major websites offline in the United States and parts of Europe. Earlier this month, the same Mirai malware was used to target Liberia in a series of short "test" DDoS attacks to cripple the African nation's internet. Security researcher Brian Krebs' security blog KrebsOnSecurity also suffered a massive DDoS attack in September in addition to various other organizations and firms over the past year, particularly in the gaming industry.