The war in Ukraine was a major catalyst for Distributed Denial of Service (DDoS (opens in new tab)) attacks, a new report suggests.
Cybersecurity researchers from Kaspersky have said that, between Q4 2021, and Q1 2022, the number of DDoS attacks grew 4.5 times, while the number of “smart” (or advanced and targeted) attacks rose by 81%.
To put things into perspective, Q4 2021 was said to have had the all-time highest number of DDoS attacks detected by the cybersecurity company.
Most of the growth was attributed to “hacktivists” who were looking to play a role in the conflict between Russia and Ukraine.
Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022 (opens in new tab). Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey (opens in new tab) to get the bookazine, worth $10.99/£10.99.
Long DDoS attacks
In many cases, the attackers targeted Russian endpoints (opens in new tab), predominantly in the public and financial sectors. These attacks, the researchers said, have “knock-on effects” on the wider population.
The attacks were both performed at scale, and in innovative ways. One example included a copy of the popular puzzle game 2048, which was used to DDoS Russian websites.
The average session also lasted 80 times longer than in the previous quarter. The longest attack, Kaspersky says, was detected on March 29, which lasted for 177 hours. The average DDoS attack usually lasts around four hours.
> DDOS attacks: how to prevent and protect your business against them (opens in new tab)
> DDoS attacks could soon be bigger and more dangerous than ever (opens in new tab)
> Israeli government confirms it was hit by huge DDoS attack (opens in new tab)
“The upward trend was largely affected by the geopolitical situation. What is quite unusual is the long duration of the DDoS attacks, which are usually executed for immediate profit,” said Alexander Gutnikov, security expert at Kaspersky.
“Some of the attacks we observed lasted for days and even weeks, suggesting that they might have been conducted by ideologically motivated cyberactivists. We’ve also seen that many organizations were not prepared to combat such threats. All these factors have caused us to be more aware of how extensive and dangerous DDoS attacks can be. They also remind us that organizations need to be prepared against such attacks.”
The Russia - Ukraine conflict has spilled into the cyber-realm from day one of the invasion. Among other incidents, a Ukrainian hacker leaked source code for Conti ransomware (opens in new tab), allegedly operated by a Russian group.
After the leak, a number of copycats emerged, using Conti’s own source code to develop ransomware that was used against Russian organizations and entities.
- Defend your premises from dangerous attacks with the help of a firewall (opens in new tab)