With everyone doing everything online last year thanks to Covid-19, there was an understandable increase in cyber criminal activity. In particular, cyber security group Kaspersky reported a “boom of DDoS attacks” in 2020. Kaspersky reports that they detected 31% percent fewer of these attacks in fiscal quarter 4 than in fiscal quarter 3, an incredibly steep decline. Kaspersky speculates that this may be due to the rise in cryptocurrency value, and cybercriminals devoting devices infected by their botnets to mining cryptocurrency rather than carrying out DDoS attacks.
DDoS? What’s that?
Some quick explaining for the confused. DDoS stands for “Distributed Denial of Service”. To carry out a DDoS attack, several things need to happen. First, the attacker has to use malware to infect a group of computers with a software that allows them to control them. This network of infected systems is called a botnet. The attacker then uses the botnet to spam a targeted server or system (one that provides its users with a service) with requests for data, effectively flooding it. This causes the server or system to be unable to deliver the service it does, and can even crash it.
The result: a loss in productivity and therefore income. Customers cannot get onto a web page offering a service and so the company who runs the page will lose whatever income they may have gained by it. DDoS attackers generally don’t make money off of these attacks. They carry them out for a range of reasons, from infantile pranks to activism.
So what happened last year?
As mentioned above, with many businesses going entirely online last year, there was a rise in DDoS attacks. But, even though there were still 10% more attacks in Q4 2020 than in Q4 2019, the number of attacks in Q4 2020 dropped from the previous quarter by 30%, says Kaspersky.
Kaspersky experts theorize that this could be because cybercriminals are turning their attention to where the money is: cryptocurrency. Cryptocurrencies like Bitcoin have been on the rise in the past few months, with Bitcoin jumping 305% in price over the course of last year, and hitting an all time high earlier this year. Cybercriminals could be devoting the computing power of their fleets of infected systems to mine cryptocurrency instead carrying out DDoS attacks.
Kaspersky explains that this makes sense when backed up with its statistics regarding cryptomining. Over the course of 2019 and the beginning of last year, the number of cryptominers was declining. However, in August of last year, this trend changed, jumping over August and September, then plateauing for the rest of the year.
“The DDoS attack market is currently affected by two opposite trends,” says Alexey Kiselev, Business Development Manager on the Kaspersky DDoS Protection team. “…people still highly rely on stable work of online resources, which can make DDoS attacks a common choice for malefactors. However, with a spike in cryptocurrency prices, it may be more profitable for them to infect some devices with miners. As a result, we see that the total number of DDoS attacks in Q4 remained quite stable.”
What happens next?
- Assigning specialists who know how to respond to DDoS attacks to maintaining your web resource operations.
- Validating agreements and contact information for third-parties, particularly ISPs, to ensure swift access to agreements in case of an attack.7
- Using professional solutions and resources, like those provided by a cybersecurity company, to protect your organization from DDoS attacks.