So-called ‘Dark DDoS’ distracts IT teams from network infiltrations to steal sensitive data, experts warn
Next year will see an increase in ‘Dark DDoS’, the use of DDoS attacks being used as a smokescreen to distract IT teams while other incursions infiltrate networks to steal sensitive data, according to Corero Network Security, a global network security provider.
In its latest Trends and Analysis report, Corero said the vast majority of DDoS attacks experienced by its customers during 2015 were less than 1Gbps, and more than 95% of these attacks lasted for 30 minutes or less.
Dave Larson, COO at Corero Network Security, explained: “The highly sophisticated, adaptive and powerful Dark DDoS attack will grow exponentially next year as criminals build on their previous successes of using DDoS attacks as a distraction technique. The Carphone Warehouse attack in August was interesting because it was one of the first publicly reported cases of ‘Dark DDoS’ in the public domain. This is a new frontier for DDoS attacks and a growing threat for any Internet-connected business that is housing sensitive data, such as credit card details or other personally identifiable information.”
Corero’s Security Operations Centre has also recorded a sharp increase in hackers targeting their customers with Bitcoin ransom demands. During October 2015, 10% of Corero’s customer base was faced with extortion attempts, which threatened to take down or to continue an attack on their websites unless a ransom demand was paid. If the volume of DDoS attacks continues to grow at the current rate of 32% per quarter, Corero said, the volume of Bitcoin ransom demands could triple to 30% by the same time next year.