The extended duration time of attacks and their frequency demonstrate an increasing tendency. The last few months showed that DDoS attacks were more frequently used as a tool of a political fight which was driven by money.
What direction cyberattacks are heading? What does the report prepared by Kaspersky "IT threat evolution Q2 2017" emphasise?
Cryptocurrency market renaissance
Money has always been a drive for cyberattacks. The cryptocurrency market is the interest not only of common users but also cybercriminals. The division of bitcoin (BTC) and the creation of a new cryptocurrency Bitcoin Cash (BCC) led to the increase in its value. In the second quarter of 2017, cryptocurrency markets such as BTC-E or Bitfinex fell a victim to DDoS attacks.
Cryptocurrencies, due to their value, are within the interest of cybercriminals which try to manipulate cryptocurrency stock exchange rate.
Hacker attacks are frequently used in political conflicts. The example is a DDoS attack on Al Jazeera which is the largest information network in Qatar. In May, French Le Monde and Le Figaro were attacked.
Each incident was aimed at paralysing information and interrupting political and organisational processes. In France, the e-mails of President Macron were stolen. These two attacks give a clear view of the effects of cyberattacks which may paralyse the entire country.
Bots which are Internet programmes used for infecting and conducting cyberattacks are one of the most frequently used tools in DDoS attacks. Bots are often owned by hacker groups which use them also for their own aims. In June hackers from Armanda Collective group demanded USD 315 000 from seven Korean banks under the threat of conducting a concentrated DDoS attack.
A new type of DDoS attack?
In Q2 2017 scientists from Corero Network Security registered over 416 DDoS attacks. That was a new type of attacks. It is based on the incorrect configuration of LDAP protocols (Lightweight Directory Access Protocol).
LDAP is commonly used when providing a username or password in databases. The highest number of DDoS attacks with the use of LDAP was 33 Gb / s. An average duration time of a cyberattack was 14 minutes.
MOST POPULAR CYBERATTACKS IN Q2 2017
DDoS ransom attack
The events of the last three months show that DDoS attacks are more frequently a bargaining instrument while extorting money. How does it look like? Cybercriminals send a message to companies or institutions with a demand for a specific amount of money. The ransom is provided in bitcoin cryptocurrency. If the ransom is not paid, cybercriminals inform that they will conduct a DDoS attack. The proper attack is usually preceded with smaller ones. Hackers usually choose companies for which the loss of data and website blocking generates huge financial and image losses.
Companies which do not have protection and security against DDoS attacks are most frequently attacked.
An important event in the Q2 2017 within cybersecurity was the discovery of a loophole in a free network software Samba. This software enables addressing network disks and printers. Such a gap allows for the remote control of a code in Linux and Unix systems. It means that cybercriminals are able to use devices based on this software to create botnets and use them during DDoS attacks.
Cyberattacks are one of the largest hazards of the 21 st century. The modern technology and general accessibility of the Internet make DDoS attacks or ransomware more common. In order to protect against the theft of data, money or manipulation it is worth taking care of the correct security of your website. How to protect against cyberattacks? First of all, do not open e-mails from an unknown source, do not click on unknown links, have your anti-virus programme updated. If you conduct your business in the Internet, use external protection against DDoS attacks.