'Hacktivist' activity drives DDoS volumes to all-time high

(Image credit: Shutterstock) (Image credit: Shutterstock)

The war in Ukraine was a major catalyst for Distributed Denial of Service (DDoS) attacks, a new report suggests.

Cybersecurity researchers from Kaspersky have said that, between Q4 2021, and Q1 2022, the number of DDoS attacks grew 4.5 times, while the number of “smart” (or advanced and targeted) attacks rose by 81%.

To put things into perspective, Q4 2021 was said to have had the all-time highest number of DDoS attacks detected by the cybersecurity company.

Long DDoS attacks

In many cases, the attackers targeted Russian endpoints, predominantly in the public and financial sectors. These attacks, the researchers said, have “knock-on effects” on the wider population.

The attacks were both performed at scale, and in innovative ways. One example included a copy of the popular puzzle game 2048, which was used to DDoS Russian websites.

The average session also lasted 80 times longer than in the previous quarter. The longest attack, Kaspersky says, was detected on March 29, which lasted for 177 hours. The average DDoS attack usually lasts around four hours.

> DDOS attacks: how to prevent and protect your business against them

> DDoS attacks could soon be bigger and more dangerous than ever

> Israeli government confirms it was hit by huge DDoS attack

“The upward trend was largely affected by the geopolitical situation. What is quite unusual is the long duration of the DDoS attacks, which are usually executed for immediate profit,” said Alexander Gutnikov, security expert at Kaspersky.

“Some of the attacks we observed lasted for days and even weeks, suggesting that they might have been conducted by ideologically motivated cyberactivists. We’ve also seen that many organizations were not prepared to combat such threats. All these factors have caused us to be more aware of how extensive and dangerous DDoS attacks can be. They also remind us that organizations need to be prepared against such attacks.”

The Russia - Ukraine conflict has spilled into the cyber-realm from day one of the invasion. Among other incidents, a Ukrainian hacker leaked source code for Conti ransomware, allegedly operated by a Russian group.

After the leak, a number of copycats emerged, using Conti’s own source code to develop ransomware that was used against Russian organizations and entities.

Defend your premises from dangerous attacks with the help of a firewall

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.