A massive DDoS attack against Chinese telecom that lasted for 227 hours has broken all records. The attack lasted for 11 days, indicating that extended attacks have made a comeback. According to Kaspersky Lab researchers, the attack, which occurred in the second quarter of 2017, saw a 131% increase from the previous quarter and set a record.
The top 10 countries most affected by DDoS attacks this quarter were China, South Korea, the US, Hong Kong, the UK, Russia, Italy, the Netherlands, Canada, and France. In Q2, various organisations across the globe were targeted by destructive DDoS attacks.
For instance, international news agencies such as Al Jazeera, Le Monde and Figaro, as well as the largest Bitcoin exchange Bitfinex became targets of DDoS attacks. Hacker group CyberTeam's attack on Skype also made headlines, hinting that the scale of DDoS attacks in 2017 increased. The number of countries targeted by DDoS attacks also rose to 86 countries, compared to 72 in the first quarter.
Ransom DDoS attacks on the rise
Kaspersky Lab researchers also noted that ransom DDoS (RDoS), which is a new trend involving hackers extorting money from businesses using the threat of DDoS, has also become prominent this quarter.
"Cybercriminals send a message to a victim company demanding a ransom of 5 to 200 bitcoins," Kaspersky Lab researchers said in a blog. "Such messages are often accompanied by short-term attacks which serve as demonstration of the attacker's power. In most cases, they do not launch a demonstrative attack. Paying the ransom would create a certain reputation for a company and provoke further attacks of other cybercriminal groups."
Hackers launching such attacks are not "well-coordinated hacker professional teams". Instead, these attacks are increasingly becoming the handiwork of script-kiddies – "beginners who do not even possess the skills to launch a DDoS attack and only have the means for a 'demonstrative attack'."
"Those who fall victim to this scheme are companies that for one reason or another have no resources to organise security for their services yet capable of parting with available funds in order to pay the ransom," the researchers said.
"The share of 'normal' DDoS attacks will always outnumber RDDoS, as there are many other reasons behind DDoS attacks in addition to money extortion: unfair competition, political struggle, hacktivism, smokescreening etc.," said Kaspersky Lab researcher Oleg Kupreev, DarkReading reported . "Moreover, unavailability of online resources for many companies can be even more damaging than [the] amount of extortion."