Nexusguard: ‘Booter’ DDoS Attacks on the Rise Again

Posted By

Channel Partners Online


June 26, 2019

That’s according to Nexusguard’s Q1 2019 Threat Report. Booter-originated DDoS attacks more than doubled compared to fourth-quarter 2018. Booters are web-based services that offer DDoS for hire at low prices.

The resurgence of DDoS as a service and increasing botnets reinforce the evolving cyberthreat of DDoS attacks for enterprises and communications service providers (CSPs). Donny Chong, Nexusguard‘s product director, tells Channel Partners any organization or business relying on uninterrupted online presence should get proper protection from DDoS attacks.

“From our experience, organizations that are more frequently attacked include those from the online gaming, software/tech, media/entertainment, financial service, education, public/government, business service, professional services, and aviation sectors,” he said. “DDoS attacks could cause revenue loss and customer loss, loss in brand/customer confidence, service outage, theft of confidential data and loss in online promotional spend/marketing efforts; therefore, enterprises should get necessary protection from a trusted vendor. As opposed to bringing mitigation in-house, which is a costly option, cloud mitigation is a cost-effective, scalable solution to protect network resources and ensure maximum uptime.”

“Bit and piece” types of attacks, or DDoS attacks that were smaller than one Gbps, continued to cause issues early in 2019 by becoming more automated and targeted, bypassing detection. Nexusguard researchers warn that CSPs will need to approach these evolved attacks with scalable, cloud-based DDoS detection and mitigation to reduce potential damages.

The report confirms the continued shift to the use of mobile devices in attacks, which has created a new breed of botnets that caused maximum attack durations to spike to more than 40,000 minutes at a time, or more than 27 days. People who experience sluggish performance, surges in data usage or noticeable decrease in smartphone battery life might be seeing malware warning signs. Smartphone users should keep devices up to date with the latest patches, uninstall suspicious apps and run antivirus software as a few ways to stay safe from malware.

“Network service providers are often a target of DDoS attacks,” Chong said. “Despite having little or no knowledge in how to mitigate increasingly sophisticated and stealthy attacks, they are often the first resource customers turn to when they are under attack. However, there is a significant amount of manpower and resources spent on investigating the root cause of the problem every time a customer reports an outage — was it hit by a DDoS attack, a malware intrusion, or is it down due to a technical glitch? If the service provider fails to protect customers, figure out what is going on, or avoid collateral damage, then not only will customers be disappointed, but the service provider will also have to offer financial compensation for downtime as pledged in their service-level agreements (SLAs).”

Nexusguard’s quarterly DDoS threat research gathers attack data from botnet scanning, honeypots, CSPs and traffic moving between attackers and their targets to help companies identify vulnerabilities and stay informed about global cybersecurity trends.

“Due to the increasing demand for DDoS attack services and the boom in connected devices, hackers for hire have doubled and DDoS campaigns are not going away for organizations,” said Juniman Kasman, Nexusguard’s CTO. “Businesses will need to ensure their attack protections can seamlessly evolve with new vectors and tactics that attackers seek out, which ensures service uptime, avoids legal or reputational damages, and preserves customer satisfaction.”