DDoS attacks almost double in Q4 2019 compared to previous year

An analysis has revealed that the amount of attacks blocked by Kaspersky DDoS Protection in Q4 2018 amounts to only 56 % of attacks detected in Q4 2019.

Further investigation of botnet activity reveals that around 28 % of attacks happened on weekends, with the share of attacks on Sundays growing by two . 5 percentage points - reaching 13 per cent. They are findings from the Kaspersky Q4 2019 DDoS attacks report.

In Q4 2019, there were several large-scale DDoS attacks, including kinds against finance institutions in South Africa, Singapore and Scandinavian countries. These cyberattacks were also targeted at the labour party in britain as an effort to disrupt its digital systems, along with against Minecraft servers setup in the Vatican.

This demonstrates that DDoS is still a common attack method amidst cybercriminals seeking profit or driven by ideological motives, so organizations should be prepared for such attacks and know how they evolve.

The report highlights that the main trend over the last quarter of 2019 is increased botnet activity on Sundays. As the growth may appear relatively small (two . 5 percentage points), the share of DDoS attacks upon this particular day of the week had otherwise been the lowest, and consistent, through the entire remaining year (around 11percent of attacks in Q1 and Q3, and ten percent in Q2). In Q4, Thursday turned out to be the day with minimal DDoS activity. Generally, attacks became more evenly distributed over weekly. The analysis shows that the difference between your most active and the calmest day was only about two . 5 percentage points (in the last quarter, the figure was seven percentage points).

Distribution of DDoS attacks through week in 2019

Although the amount of DDoS attacks detected by Kaspersky DDoS Protection is continuing to grow significantly compared to the same period of2018, the growth compared to Q3 2019 is merely marginal (attacks in Q3 2019 mean 92 percent of Q4 2019). There is a more notable rise in so-called smart DDoS attacks, concentrating on the application form layer and completed by skilled malefactors(as attacks in Q3 2019 were73% of those in Q4 2019). Such an increase was quite predictable, since November to December is traditionally a favorite time for web business and retail activity. However, Kaspersky authorities didn't identify a spike on Black Friday or Christmas holiday sales days.

"Regardless of the significant growth generally, the season turned out to be quieter than expected. We advise that we didn't visit a storm of attacks on certain days because companies expand their activity to engage with customers for the entirety of the vacation period. So, you don't have for cybercriminals to launch an attack to coincide with a particular event. However, attackers can still locate a way to spoil your free time, as cybercrime isn't an ordinary nine-to-five job, so that it is important to make certain that your DDoS prevention solution can automatically protect your web assets," comments Alexey Kiselev, Business Development Manager on the Kaspersky DDoS Protection team.

To greatly help organizations protect themselves from DDoS attacks on weekends and during popular times of the entire year, Kaspersky recommends taking the next steps:

Conduct stress tests and web application audits with internal employees or by using outsourced specialists, to recognize the weakest points in company infrastructure

Assign specialists responsible for maintaining web resources operations. Ensure they understand how to act in the event of DDoS attacks and so are ready to respond outside of their scheduled working hours

Verify third-party agreements and contact information. This consists of arrangements with an internet service provider so that you can easily reach it in the event of an attack.

Implement professional answers to protect the business against attacks. For instance, Kaspersky DDoS Protection combines Kaspersky's considerable expertise in combating cyber threats and the company's unique in-house developments. The answer protects organizations against all sorts of DDoS attacks irrespective of when they happen.