The number of distributed denial of service (DDoS) attacks grew by 18 percent in the second quarter compared to the same period last year, a new report found.
In addition, application-layer attacks, which are more difficult to organize and protect against, showed significant growth increasing by 32 percent compared the same quarter last year, according to a report from Kaspersky.
The number of attacks in the second quarter of 2019 is 44 percent less than in Q1, which is not unexpected as such attacks usually reduce in activity in the spring and summer months, according to Kaspersky’s DDoS Q2 2019 report.
However, compared with the same period last year, the quantity of DDoS attacks in Q2 increased by 18 percent in 2018 and by 25 percent compared to Q2 2017.
If you take the seasonal decrease in attacks, it only had a minimal effect on the number of application layer assaults, dropping by just 4 percent compared to the previous quarter. These type of attacks target certain functions or APIs of applications in order to consume not only the network, but server resources as well.
These types of attacks are more difficult to detect and protect from as they include processing legitimate requests.
“Traditionally, cyber groups who conduct DDoS attacks go on holiday during the summer season and give up their hacking activity until September. However, the statistics for this quarter show that professional attackers who perform complex DDoS attacks are working hard even over the summer months,” said Alexey Kiselev, business development manager on the Kaspersky DDoS Protection team. “This trend is a cause for concern for businesses. Many are well protected against high volumes of junk traffic, but DDoS attacks on the application layer require identifying illegitimate activity even if its volume is low. We recommend that businesses ensure their DDoS protection solutions are consistently ready to withstand these complex attacks.”
The analysis of commands received by bots from command and control (C&C) servers revealed the longest DDoS attack of Q2 2019 lasted 509 hours for nearly 21 days. This is the lengthiest attack since Kaspersky started to monitor botnet activity in 2015. Previously, the longest attack lasted 329 hours and was registered in Q4 2018.