The first attack, launched against the Transport Administration on October 11, forced the agency to stop or delay trains, took down its email system and website, and affected online traffic maps. Similar attacks on the Transport Agency and Vasttrafik followed the next day.
Igal Zeifman, director at Imperva Incapsula, told eSecurity Planet by email that the attack should serve as a reminder of the importance of rapid DDoS mitigation. “In this case, like in many others, allowing the attack to succeed — even for a relatively short while — created deep technical and operational issues that persisted after the assault had subsided,” he said.
“Put simply, slow time-to-mitigation leaves organizations’ assets exposed,” Zeifman added. “Even a one-minute attack can lead to hours of downtime. In fact, according to the Q2 2017 Imperva DDoS Landscape Report, more than 80 percent of all attacks are hit-and-run or pulse-wave attacks, which can knock clients offline in a matter of minutes. Once knocked offline, it can take several hours to recover.”
According to Imperva’s Q2 2017 DDoS report, 75.9 percent of targets hit during the quarter were subjected to multiple attacks — the highest percentage the company has ever seen. In the U.S., 38 percent of sites were hit six or more times.
“This increase in the number of repeat assaults is another clear trend and a testament to the ease with which application layer assaults are carried out,” Zeifman said. “What these numbers show is that, even after multiple failed attempts, the minimal resource requirement motivates the offenders to keep going after their target.”
A separate Kaspersky Lab survey of more than 5,200 representatives of small, medium and large businesses worldwide recently found that 33 percent of respondents were hit by DDoS attacks in 2017, a significant increase from 17 percent in 2016.
Fifty percent of respondents said the frequency and complexity of DDoS attacks targeting organizations like theirs is increasing every year — 76 percent of respondents were hit by more than one attack in 2017.
Of those affected, 20 percent were very small businesses, 33 percent were SMBs, and 41 percent were enterprises.
Among organizations hit by DDoS attacks, 26 percent said they experienced a significant decrease in performance of services as a result, and 14 percent said they experienced a failure of transactions and processes on affected services.
DDoS attacks were also frequently used as a smokescreen — 50 percent of respondents said a DDoS attack was used to hide a malware infection, 49 percent said it masked a data leak or theft, 42 percent said it was used to cover up a network intrusion, and 26 percent said the DDoS attack was used to hide financial theft.
“The threat of being hit by a DDoS attack — either standalone or as part of a greater attack arsenal — is showing no signs of diminishing,” Kirill Ilganaev, head of DDoS protection at Kaspersky Lab, said in a statement. “It’s not a case of if an organization will be hit, but when.”
“With the problem growing and affecting every type and size of company, it is important for organizations to protect their IT infrastructure from being infiltrated and keep their data safe from attack,” Ilganaev added.