Monday, May 27, 2024

How DDoS Attacks Are Evolving During The Coronavirus

A distributed denial-of-service (DDoS) attack makes a system or service inaccessible to legitimate users. Cybercriminals and government-backed hackers have used a diverse range of DDoS attacks that have affected many users around the world.

For example, “a DDoS attack can cause a web page to become unavailable when receiving thousands of requests at a specific time.”

According to the latest security reports from several security portals and firms, the use of DDoS attacks has doubled during the last quarter for which there are records.

To make these attacks more effective, the attackers are adapting several lures and baits related to the deadly COVID-19 or Coronavirus pandemic.

In short, cybercriminals and government-backed hackers are taking advantage of the Coronavirus pandemic to increase the efficiency of DDoS attacks.

Apart from this, the problems caused by these types of attacks include the consumption of computing resources such as bandwidth and memory space, the alteration of configuration and information, the interruption of physical network components, etc.

What is a DDoS Attack?

A DDoS attack is an attack on a site, server, service, or infrastructure whose main objective is to disable or make the site, server, service, or infrastructure inaccessible by submitting a massive number of false requests.

As a result of such an attack, the servers serving the site are forced to process an excessive number of false requests, and the site becomes inaccessible to ordinary users, as mentioned earlier.

Types of DDoS attacks

There are three forms of DDoS attacks, listed below:

  • Volume-Based Attacks: This form of attack uses high traffic to flood the network bandwidth and make the site, server, service, or infrastructure unavailable.
  • Protocol-Based Attacks: This form of attack focuses on exhausting the resources of the server to make it unavailable to users.
  • Application-Based Attacks: This form of attack is considered the most sophisticated and critical, as it focuses on web applications.

DDoS Attacks Are Evolving During The Coronavirus Pandemic

According to the reports, the main cause of the increase in DDoS attacks is the rise of remote work. It all relates to COVID-19, due to which the whole world is living in quarantine, a situation that has caused major alterations in all sectors.

Moreover, the average duration of attacks has also grown by 25 percent year-on-year. But it does not affect everyone equally, as the attacks on educational resources and the official websites of towns and cities have increased threefold compared to the same period last year.

Apart from this, several security companies have also reported that, overall, DDoS attacks on schools and cities accounted for almost a fifth of all security incidents in the first quarter of 2020.

In short, DDoS attacks are more prevalent than ever: they have doubled compared to the previous quarter, although in some cases the increase has gone further.

Ultimately, the current global crisis, the COVID-19 pandemic, has shown us that cybercriminals will always take advantage of any situation, and organizations must be ready for anything. Currently, we are seeing a higher number of ransomware attacks on healthcare organizations, and according to the reports, this situation will get worse. DDoS protection should be in place to mitigate the attacks.

Managed DDoS protection is essential for every business to stay cyber-resilient and to maximize the effectiveness of security initiatives by implementing secure solutions with proper methods.

How does a DDoS attack happen?

There are mainly three types of DDoS attacks, but they are logically divided into two types: attacks on the network layer and application layer part of the server.

During an attack on the network layer, an attacker tries to flood the server’s communication channel. The communication channel determines the amount of data that the server is able to receive.

When there is too much data, the server is unable to process it and stops responding; as a result, the site becomes unavailable or inaccessible to all its visitors.

Meanwhile, during an attack on the application layer, an attacker can carry out a more targeted attack on a vulnerability of an application to deplete some of the server’s resources, such as processor power, RAM, the number of processes, or connections to the database. Because the attack is targeted, it does not require much compute power on the attacker’s side.

The server uses some of its resources every time a visitor performs an action on the site. For example, “when a visitor enters login details for an account, the server checks them and sends back the next page or shows an error.”

In this case, the attackers simply find the requests on which the server consumes the most resources, and then send a huge number of fake requests until the site becomes inaccessible.

In most scenarios, attackers use botnets and automated tools to conduct a DDoS attack.
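
As an added example (not part of the original article), the sketch below shows one defensive counter to the application-layer pattern described above: a per-client token bucket that charges each request according to how expensive it is for the server, so a client hammering a costly endpoint is cut off before the costly work is done. The endpoint paths, cost weights, limits and sample traffic are assumptions constructed for illustration.

```python
from dataclasses import dataclass

# Assumed relative server cost per endpoint (hypothetical paths and weights).
ENDPOINT_COST = {"/login": 5.0, "/search": 3.0, "/static/logo.png": 0.25}
DEFAULT_COST = 1.0

@dataclass
class Bucket:
    tokens: float
    updated: float

class CostWeightedLimiter:
    """Per-client token bucket where expensive requests drain more tokens."""
    def __init__(self, capacity=20.0, refill_per_sec=2.0):
        self.capacity = capacity
        self.refill_per_sec = refill_per_sec
        self.buckets = {}

    def allow(self, client, path, now):
        cost = ENDPOINT_COST.get(path, DEFAULT_COST)
        b = self.buckets.setdefault(client, Bucket(self.capacity, now))
        # Refill for the time elapsed since this client's last request.
        elapsed = max(0.0, now - b.updated)
        b.tokens = min(self.capacity, b.tokens + elapsed * self.refill_per_sec)
        b.updated = now
        if b.tokens < cost:
            return False  # reject (e.g. HTTP 429) before doing the costly work
        b.tokens -= cost
        return True

def replay(events, limiter=None):
    """Replay (timestamp, client, path) events; return rejected count per client."""
    limiter = limiter or CostWeightedLimiter()
    rejected = {}
    for ts, client, path in events:
        if not limiter.allow(client, path, ts):
            rejected[client] = rejected.get(client, 0) + 1
    return rejected

# Constructed sample traffic: one client sends 4 /login requests per second for
# 10 seconds, another searches once per second. IPs are documentation ranges.
SAMPLE = [(i * 0.25, "203.0.113.7", "/login") for i in range(40)]
SAMPLE += [(float(i), "198.51.100.4", "/search") for i in range(5)]
SAMPLE.sort()

if __name__ == "__main__":
    print(replay(SAMPLE))
```

A limiter keyed on a single client address only helps against concentrated sources; traffic spread across a botnet also needs aggregate per-endpoint limits and upstream filtering.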

How to prevent a DDoS attack?

DDoS mitigation is an ongoing journey, and the first step is to partner with experts who can provide not just software but also the expertise to manage it, with:

  • Visibility of risk
  • Steps taken and recommendations to address the risk
  • Continuous monitoring as part of the service

It is recommended to consider partnering with service providers like AppTrana, which provide complete infrastructure-level protection against all types of DDoS attacks and a managed DDoS and bot mitigation service backed by 24×7 monitored support and rule/policy updates.

Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.
