There are a number of reasons why websites become victim of Dynamic Denial of Service attacks or DDoS. For example, the instigator wants to disrupt the ‘system’ by knocking out sites like Facebook or Instagram. The instigator may have an axe to grind against an establishment or government, or that instigator is a competing entity who pays others to perform DDoS attacks against the flourishing competition.
It seems that the latter is the most likely as there is a reported 85% YoY basis decrease in DDoS attacks as of the fourth quarter of 2018, thanks to a crackdown against DDoS-for-hire websites, otherwise known as booters. Thanks to the continuous efforts of the FBI, they managed to take down the domains of 15 of the world’s biggest booters resulting in the decrease.
“DDoS attacks in Q4 2018 saw a drop in both maximum and average size YoY (down 85.36% and 23.91%, respectively), while both rose QoQ (up 3.75% and 49.15%, respectively)”
–Threat Report 2018 Q4, Nexusguard
This doesn’t mean that DDoS attacks are almost over. Like torrent sites that somehow continuously resurrect themselves, these booter domains can be replaced unless the booters themselves are apprehended and their paying customers are taken down with them.
The EU law-enforcement agency Europol is currently on the hunt for these customers of DDoS for Hire services. Their latest accomplishment is the takedown of the booter website WebStresser resulting in 60% decrease of DDoS attacks in Europe.
Again, takedown of these sites should not result in complacency. DDoS attacks will only continue because the real problem is the lack of proper security measures to protect websites against these attacks.
“…the FBI’s December crackdown only scratched the surface of a global problem…. While booters are visible targets, businesses must also manage the vulnerabilities that stem from unpatched hardware and software, human error and new attack methods, especially as the footprint of IoT expands.”
–Nexusguard’s CTO, Juniman Kasman