DDoS attacks at an all-time-high in Q1 2022, says Kaspersky
More attacks and more targeted attacks than ever before. What could have happened to cause that uptick?
Kaspersky has released a report showing Distributed Denial of Service (DDoS) attacks hit an all-time-high in the first quarter of 2022.
The attacks detected by the security outfit easily surpassed those of the previous quarter and were up 46 percent on the same time last year. The number of targeted attacks was up by an even higher percentage – 81 percent compared to the previous quarter.
DDoS attacks, as Reg readers know, are designed to disrupt network resources of businesses and public services. They are particularly nasty when compromised systems are depended upon by the wider population.
Several Israeli government sites were knocked offline in March as servers buckled under a massive attack and miscreants have continued to make use of vulnerable systems to launch assaults on services.
"Q1 2022," said Kaspersky, "saw a sudden increase in attacks in late February as a result of the crisis in Ukraine."
Indeed it did. The report showed a spate of DDoS attacks on Russian websites (including those of the media and the government) kicking off from February 24. Responsibility for several attacks was claimed by individuals affiliated with hacktivist group Anonymous. Ukraine institutions and commercial services have also come under attack, with the website of the Mayor of Kyiv attacked and the sites of a number of Ukraine ministries defaced.
Russia's response to attacks on its services, according to Kaspersky, has been to fling up geofencing to restrict access from abroad and publish lists of IP addresses from where attacks allegedly originated.
As well as attacks arising from Russia's aggression in Ukraine, Kaspersky noted North Korean websites dropping offline following missile tests as well as attacks carried out on blockchain and NFT vendors.
Miscreants are also getting ever more creative. Kaspersky noted some demanding bitcoin from victims in exchange for protection against their attacks.
However, the major cause of growth is (according to Kaspersky) "the crisis in Ukraine". Without it, figures would actually have fallen relative to the previous quarter. Instead, there was a marked spike, although things calmed down a bit as March wore on.
- Five Eyes nations fear wave of Russian attacks against critical infrastructure
- Kaspersky cracks Yanluowang ransomware, offers free decryptor
- Microsoft details how China-linked crew's malware hides scheduled Windows tasks
- Enemybot botnet uses Gafgyt source code with a sprinkling of Mirai
Kaspersky itself has had a bit of a hard time of late. In March it was put on the US Federal Communication Commission's naughty step (apparently unconnected to Russia's activities in Ukraine) and Germany's cybersecurity agency took exception to the company's wares in the same month.
Still, the report makes for interesting reading. While Kaspersky noted the spike in DDoS attacks coincided with the conflict in Ukraine, it also noted the US still led the way in terms of attacks targeted against it, with 44.34 percent of attacks, up from 43.55 percent in Q1 2021.
Ultimately the advice remains the same – cyberdefenses need to be deployed in advance because once one is under attack, it'll be too late. ®