The most common and easiest to perpetrate of cyber-attacks are the Distributed Denial of Service attacks, (DDoS). Why? Because for the price of a pint of beer anyone with a grudge or a cause célèbre can whip up automated distributed attack at their target of choice. There is no skill required, far from it.  These underground services are automated, only payment is required and a target IP address or domain address. Five pounds will get you around an hour’s worth of DDoS whilst for the price of an Xbox you can purchase a month’s worth of aggravated destruction. It is that easy!  It is these worrying facts that have pushed the reported incidents of DDoS attacks up by 35% in the last quarter. Sitting safe behind your firewall?  Think again.  The attacks are not trying to unpick your administrator password or steal your customer database.  This is valid traffic requests knocking on your door asking to be let in.  Just imagine twenty-five thousand people knocking on one door at the same time and you have to look through the spyhole to validate their entry.  In the end you would give up looking, and that’s the point. The systems are so swamped with requests that they fail. Nothing gets in, not even paying customers.

So where is all this activity coming from and who are the victims? China is by far the largest source of DDoS attacks with around 23%, but of the top ten source countries for DDoS attacks 50% of them are European countries, second in the rankings is Germany with 17%, then Italy 8%, Spain 7%, UK and France with 6% each.  The USA account for 12% and India, Korea and Russia have around 6% each.  The figures have changed since 2014 when the USA topped the chart as the largest source with China close on its heels. The more interesting question is why Europe?

Europe and the USA have the largest population of on-line gamers and it is the gaming industry who are the biggest targets for DDoS attacks. Blizzard’s BattleNet and League of Legends were taken down during 2014 and who have primarily seen the increase of attacks in their sector. The software and technology industries are also high on the list of attacks with eBay reeling from being targeted in May 2014. Other less well attacks have pushed this sector into second place in the hit parade with Internet and Telecom companies and the Media and Entertainment industry reaching third and fourth places respectively.

The bottom line is that DDoS attacks are on a significant increase due to the ease of availability and all industries are at risk. Mitigating against such attacks is a key issue that businesses should seriously consider. Providing heuristic traffic analysis on both native and encrypted packets is widely available.  It might be a service which business wishes to adopt on a low term, risk analysis basis or contract for on longer terms based on painful experience.  Node4 has a comprehensive N4Shield service which combines both appliance and core network defences to combat the dark forces of the hacker and mitigate against the crippling aspects of DDoS attacks.  Please contact us for further information.

John Williams