According to SiliconANGLE, the FBI’s shut down of the largest distributed denial of service (DDoS) for hire websites in the world has led to an 85 percent decrease in attack size worldwide.
The crackdown took place December 2018, and shutdown multiple websites that sold “high-bandwidth internet attack services under the guise of ‘stress testing.’” Research conducted by Nexusguard shows that the maximum attack size is down by 24 percent; Nexusguard also believes that the services taken down by the FBI this past December represented 11 percent of all attacks worldwide, SiliconANGLE says.
What are these attacks, exactly?
The attacks SiliconANGLE points to in this article are DDoS-for-hire sites that take advantage of vulnerabilities discovered in internet devices, like connected video games, routers, smart products and cloud services, and use bots to generate useless traffic that clogs up legitimate traffic a website actually wants. The clog ultimately gets so bad that the site crashes and is down for a period of time. A known example of this is the attack hacker group Lizard squad conducted on Christmas Day 2014, when it went after the PlayStation Network.
Not only are DDoS-for-hire sites aggravating, they can also wreak havoc on a company’s wallet. For example, SiliconANGLE reports that “DDoS attacks can cost small and medium businesses around $123,000 per attack. While large enterprise organizations do not fare so well, with expenses exceeding $2.3 million on average per attack.”
Even though the FBI’s crackdown on DDoS-for-hire sites has been successful thus far, SiliconANGLE says that attacks are still going to happen. Building off of research from Nexusguard, SiliconANGLE says that due to the rapid growth of these bot networks, new vulnerabilities, and the increase of smart devices hitting the market, decision makers and users alike should prepare: these continue “to increase the potential attack capabilities used by these services.”