A common attack involves the attacker, a command and control, a botnet (i.e. exploited computers), and the victim. You can review a recent article, What is a DDoS attack?, for a little background and categorized by method.
Satori is a DDoS botnet that NETSCOUT has studied extensively for years. In fact, in January 2018, our ASERT team not only looked at the history of IoT botnets, but also took a detailed look at the evolution of Satori. As the team noted, “Each new version offers a fresh combination of targeted platforms, propagation techniques, and attack types. Contrasted with traditional software, in which features are added incrementally, Satori seems to go both forward and backward. Digging into the history will provide insight into this continually evolving threat.”
These days, DDoS attacks are often powered by professionally managed DDoS-for-hire services known as booters or stressers, which is reflected in the attack motivation findings. For example, the top motivation cited for attacks in 2018 was criminals showcasing their capabilities to potential customers.
For two decades, at NETSCOUT, we have tracked how DDoS attacks have been used as a form of online protest. “Hacktivism” has been enabled by the development of free online tools that enable anyone with a grievance or issue to easily launch an attack. Beyond do-it-yourself tools, we’ve also tracked the emergence of booter/stresser services that sell DDoS attack services, as any SaaS provider would. They offer different levels of capabilities and support, sophistication, and size. In some cases, you can even try before you buy. This combination of do-it-yourself tools and cheap for-hire attack services have driven the explosion in DDoS attack frequency.
The 14th annual Worldwide Infrastructure Security Report found that political motivations were a driving force behind DDoS attacks. In 2018, 60 percent of service providers witnessed attacks traversing their networks that were targeting governments, up from 37 percent just last year. As political instability increases around the world, we can expect DDoS to continue to be used as a form of protest.
It’s hard to believe the magnitude of these events and a great reminder to organizations to not only have the proper protections in place, but a complete understanding of the entire threat landscape going forward.
Enter your business location zip code below for business solutions in your area.
Find business zip code