Did you know that a DDoS-for-hire attack can cost less than a used car?

For a few thousand dollars, threat actors can now acquire a 150,000-strong botnet with a 1Tbps attack capacity. According to our most recent Threat Intelligence Report, unleashing a legion of bots on a victim cost far less than it would be expected. Several DDoS-for-hire vendors even provide free trials to allow customers to test basic attacks before ordering the real thing while charging as little as $5 for a few trial days. A full attack, however, costs between $5,000 to $7,000 and includes 100 concurrent attacks, no daily limits, and a committed one million packets per second (Mpps). Many service providers also frequently offer flexible payment schemes based on the attack configuration, duration, and power as measured in bandwidth and throughput. These attacks are highly effective as they are relatively cheap and simple to organise, especially if the targets lack reliable protection.

In 2021, cybercriminals launched approximately 9.75 million denial-of-service (DDoS) attacks. Although this represents a 3 per cent decrease from the peak of the pandemic, it still represents a 14 per cent increase over pre-pandemic levels. In addition, three high-profile DDoS attack campaigns took place in 2021, setting a new record. This also indicates that ransomware gangs are doubling down on triple-extortion attacks (ransomware + data theft + DDoS).

DDoS as a service
Subscribing to a DDoS attack is typically accomplished through a full-fledged web service, which adds extra secrecy and eliminates the need for direct communication between the customer and the organiser. The bulk of the offers we encountered included links to these resources rather than contact information. These web services are fully functional web applications that permit registered users to effectively manage their balance and DDoS budget. Some of these developers would even offer bonuses for every attack executed on their platform. In other words, cybercriminals also implement loyalty and other customer service programs. Customers can use them to make payments, get reports on work, or utilise additional services.

The complexity of attacks increase
As DDoS defences become more sophisticated, so do the attacks. Modern distributed DDoS attacks are practically unrecognisable when compared to those from 12, 10, or even five years ago due to the constant evolution of the threat landscape. These fraudsters have developed a multi-vector attack, which they frequently employ against victims who refuse to pay. A multi-vector cyberattack is characterised by using multiple entry points also known as a polymorphic attack. In other words, they don’t use a single method to infiltrate a network of a non-payment user in this case. This integrated strategy significantly improves their likelihood of success, the rate of contagion, and the severity of the damage.

Prevention is better than mitigation
To provide the user experience required by today’s digital businesses, it is essential to comprehend and interpret the intricate digital linkages that appropriately characterise speed, resolution, security and relevancy. A hybrid DDoS defence is required to prevent enterprises from falling prey to attacks with a volume of up to 600GB/sec. A multi-layered defence is the only tightly integrated defence capable of protecting an organisation from the whole spectrum of DDoS attacks. To properly prevent these multi-vector assaults, endpoint protection systems must implement a three-step multi-vector strategy. First, it would be best to anticipate and prevent the attack and infection; if you cannot forecast or prevent it, accurately detect and identify it. Then, lastly, guarantee you can contain and treat it.

Gaurav Mohan is the VP – SAARC and Middle East at Netscout

Read: Insights: You can’t manage what you can’t see