By given Kaspersky Lab, the number of DDoS attacks in the fourth quarter of 2018 amounted to 56% of the number of attacks blocked by Kaspersky DDoS Protection during the last three months of 2019. That is, the number of DDoS attacks has almost doubled compared to the previous year.
Further research on botnet activity showed that approximately 28% of attacks occurred on weekends. Among the countries in whose territory a large number of botnets were registered, Russia took fourth place (about 4%).
According to the report, the main trend of the last quarter of 2019 is an increase in botnet activity on Sundays. So, the percentage of attacks on that day of the week increased by two and a half percentage points – up to 13%. Although such changes may seem insignificant, it is worth considering that the share of DDoS attacks on Sundays was about 10-11% for the other three quarters of last year.
Thursday was the day of the least activity of DDoS attacks in the fourth quarter of 2019. At the same time, the difference between the most and least calm day of the week was only about two and a half percentage points (in the previous quarter, this figure was seven percentage points).
Although the number of DDoS attacks detected by researchers has increased significantly compared to the same period in 2018, the growth relative to the third quarter of 2019 is insignificant: attacks in the third quarter amounted to 92% of their number in the fourth quarter.
More noticeably, the number of so-called smart DDoS attacks has increased (attacks in the third quarter amounted to 73% of their number in the fourth quarter), which are carried out by experienced cybercriminals. According to analysts, the approved growth is quite predictable, since November and December are traditionally the time for a large number of online sales and the heyday of retail.
It is also interesting that in the last quarter of the year, both attacks and command servers became much less, while the number of extra-long attacks (over 400 hours) exceeded the figures that experts managed to register in the entire history of observations. Experts believe that there may be a tendency to increase the number of complex and carefully organized attacks, albeit to the detriment of the total number of attacks.
“A significant surge in DDoS activity in recent years demonstrates that this type of attack is still very common among cybercriminals who seek financial gain or act in accordance with any other motives. Moreover, cybercrime is not standard work in the office from nine to five, so the continuous use of a protective solution to prevent DDoS attacks is necessary. Today, all organizations must be prepared for such attacks and understand the vector of their development, ”said Alexei Kiselev, Kaspersky Lab’s project manager for Kaspersky DDoS Protection.