According to the Cybersecurity and Infrastructure Security Agency (CISA), targeted denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks are on the rise.
These attacks, which include flooding a website with traffic in order to render it inoperable, are growing more sophisticated and are increasingly utilised as part of larger hacking efforts. One example is Microsoft’s Azure, Outlook, and OneDrive attack last month.
Erick Galinkin, a principal researcher at Rapid7, explained that the structure of modern websites and the use of APIs and cloud infrastructure make them vulnerable to DDoS attacks. Also, hacktivist groups like Killnet and Anonymous Sudan have been using DDoS attacks as their preferred method of attack.
DDoS assaults increased by 47% in Q1 2023, according to StormWall, mostly in the banking and e-commerce areas. This is owing to the simplicity with which botnets may be created and deployed. Furthermore, some hackers combine DDoS attacks with malware and demand ransom payments from organisations in order not to release files. According to Cloudflare, such “ransom DDoS attacks” were encountered by more than 16% of respondents in Q1 2023.
CISA suggests that organisations detect any maintenance or internal network issues and consult network managers in order to prevent DDoS attacks. Then, instruct them to monitor network traffic, identify the source of the assault, and install firewall rules or redirect traffic through a DoS prevention service. They should also call internet service providers to look into any disruptions or indirect targeting of networks.
The sources for this piece include an Axios.