Kasperksy researchers have blamed pesky schoolkids for the big September spike in denial-of-service attacks.
They found that more than half of DDoS attacks in the third quarter happen in the month of September. Overall attacks were up just over 30 per cent compared to the second quarter and increased by a similar amount compared to the same period last year.
But unlike other periods, the growth is mostly down to quite simple methods rather than an increase in smart, application-based attacks. That and the targeting of mainly education sites – 60 per cent of stopped attacks were against either schools, universities or electronic journals – led Kaspersky to believe that students are to blame for the uptick.
The Russian security firm said: "We observed a similar picture last year, since it is due to students returning to school and university. Most of these attacks are acts of cyber hooliganism carried out by amateurs, most likely with no expectation of financial gain."
Alexey Kiselev, biz dev manager on the Kaspersky DDoS Protection team, said: "Despite this spell of seasonal activity from young hooligans, who appear to celebrate the beginning of the school year with a spike in DDoS attacks, the more professional market of DDoS attacks is rather stable. We have not seen an explosive increase in the number of smart attacks."
Kiselev noted that, whomever was responsible, DDoS attacks can still cause serious and expensive headaches for businesses and other organisations.
Researchers found there is still a substantial role played by DDoS-for-hire websites. Despite efforts by the FBI to take them down, new sites have sprung up in their place.
Kaspersky believes the multiple attacks on World of Warcraft Classic servers in early September was run via automated DDoS-as-a-service websites and that the person arrested for the attacks was likely just a client of such a site rather than a skilled hacker.
Researchers have also noted a geographic shift of DDoS attacks with developing countries playing an increasing role as smartphones and broadband routers become more common. At the same time, cybersecurity awareness continues to increase and better use of defences at provider level in countries where cybercrims have been active for a long time pushes attackers to look for easier pickings. These two factors pushed South Africa into the top 10 ranking for the first time in fourth place behind China, the US and Hong Kong.
In the fourth quarter the security firm expects to see growth in total numbers of attacks, length of attack but also in the number of smart attacks. This will be fuelled by criminals looking to exploit increased commercial activity around Christmas but it expects growth to be fairly moderate as the DDoS market stabilises.
Kaspersky collects data from intercepts from command-and-control servers sent to bots to make its analysis and predictions. ®