Cybercriminals upped their game in a big way in 2018, dramatically increasing the number and severity of DDoS attacks and refining their IoT attacks to entirely new levels.
The main takeaway from Netscout’s Threat Report that looked at the second half of 2018 was that cybercriminals built and used cheaper, easier-to-deploy and more persistent malware and cyber gangs added to this higher level of efficiency by implementing some of the same principles used by legitimate businesses.
These improvements helped malicious actors greatly increase the number of medium-size DDoS attacks while infiltrating IoT devices even quicker. Netscout reported that the number of DDoS attacks in the 100GBps to 200GBps range increased 169 percent, while those in the 200GBps to 300GBps range exploded 2,500 percent.
Netscout credited the growing popularity and availability of DDoS attack-for-hire kits for these increases. Interestingly, the number of terabit-level attacks, of which several were launched during the first half of the year, fell to zero in the latter part of the year.
DDoS attacks against consulates and embassies increased 186 percent during this period, but this paled in comparison to the airline sector, which saw a 15,000 percent increase in the number of attacks.
Netscout found that it takes, on average, only about five minutes before IoT devices are discovered and attacked once they connect to the internet, and fewer than 24 hours before they are targeted by specific exploits. The cybersecurity firm credited this quick turnaround to malicious actors behaving in a more business-like fashion and having more and better tools with which to work.
“[The] DanaBot campaign increased distribution efficiency and cut labor costs by using an affiliate model that encourages specialization among threat actors and substantially increases the pool of potential victims across the world,” the report said.
Netscout also noted it tracked 35 nation-state APT groups during the second half, with their top targeted entities operating in the academia, government, finance and telecommunications sectors.