DDoS Attackers, Turn Fire on ISPs and Gaming Servers

DDoS Attackers Seem to Have Switched their Attention from Banks to Gaming Hosts, ISPs and Even Enterprises, Half-Year Figures from Chinese Mitigation Vendor, NSFOCUS, Have Confirmed. The Firm’s Recent Statistics, Show that, the Peak for DDoS Attacks on Banks Happened in the 1st Half of 2013, When they Accounted for an Extraordinary 45% of All Attacks, with Enterprises Second in the Target List at around 25%. By the 2nd Half of 2013, this had Started to Change with Bank Attacks Slipping under 10% - this has since Dropped to Fractions of a Percent. If Banks are Now Off the Menu, Online Gaming and ISPs are Suddenly Popular, Rising in the 1st Half of 2014 to 10% and Nearly 15% of Attacks, respectively. “This indicates how ‘trendy’ profit-driven hackers can be when selecting their attack prey, choosing the most ripe target for the times”, Said NSFOCUS’s Researchers. Oddly, the Firm Omits to Offer a More Detailed Explanation for these Trends in DDoS Attacks so, let’s Speculate to Fill in Some of the Blanks. The Wave of Bank DDoS Attacks in Early 2013, were Part of a Wider Assault on the Sector, which probably had Both Political and Financial Motivations. From One Side, Iranians Actors were Said to be Hitting US Firms as Part of a Cyberwarfare Campaign that had Started in 2012. From the Other Side, Criminals Started Using DDoS as a Distraction Exercise while they Attempted to Transfer Funds from Compromised Bank Accounts.


Both were Eventually Contained, or so it Seems. This Year’s Spike in Attacks on Gaming Websites, Seems to be Spurred by the Actions of Individual Hacking Groups that Want to Disrupt an a Multi-Billion Online Industry, a Good Example of which would be Last Week’s ‘Lizard Group’ Attack on Destiny, Call of Duty: Ghosts and Sony’s PLAYSTATION Network (PSN). They do it because they Can - this Kind of DDoS Attack is Now a Cheap Commodity. As for ISPs, these Attacks are More Significant and probably Relate to Probes against the Infrastructure that Holds Up Many Online Services. ISPs Offer a God Test Bed for New Types of Attack. NSFOCUS also Reports that, Attack Duration is Now Holding Steady with 93.5% of Attacks Lasting 30 Minutes or Less. Longer-Lasting Attacks Remain Curiosities, including a Single Attack in the 1st Half of 2014 that Persisted for an Extraordinary 228 Hours. Only 5% of Attacks Exceed 4Gbps. Other Firms Have Reported on 2 Far More Alarming DDoS Trends, Namely a Sudden Spike in Massive Attacks Exploiting Server Vulnerabilities and Protocols such as DNS, NTP and Even SNMP. A Good Example of Where Could be Leading Came with News of a 300Gbps Peak Attack on an Unidentified Data Centre, Reported in August by Verizon. A 2nd Aspect of this, is the Possibility of Combining Different Types of Reflection Attack into One Larger and More Complex Attack. This Happened for the 1st Time (as Far as is Known) Later the Same Month When Australian Data Centre, Micron21, Found itself on the Receiving End of a ‘CDRDos’ Storm.