Many DDoS attacks might not be all they seem

Cybercriminals are increasingly using Distributed Denial of Service (DDoS) attacks as a distraction while simultaneously conducting more malicious data exfiltration operations, new research shows.

A report by cybersecurity experts StormWall found that the number of DDoS attacks used as a smoke screen increased by 28% globally in January 2023 compared to the same period of the previous year.

StormWall’s data shows that in January 2023, fintech, retail and gaming were the industries most affected by “smokescreen DDoS” attacks. The fintech sector registered an increase of 71%, the retail sector 51% and the gaming sector 47% year-on-year. Other notable entries, the report claims, include the education sector (up 16%), healthcare (up 14%), and telecommunications (up 8%).

Sneak attacks

Looking at specific geographies, companies in the US suffered the most, with a 32% year-over-year increase. China came in second with a 25% increase, followed by the UK with 17%.

The premise is simple: if a company doesn’t have enough staff, technology, automation solutions and other resources, it can only address a limited number of threats at a time.

Therefore, a distributed denial of service attack may require all hands on deck, leaving few resources to deal with any additional threats. While the IT team struggles to contain the DDoS attack, the attackers can focus on exfiltrating sensitive data that they can later sell on the black market or use for extortion.

Threat actors have a significant advantage here, as most DDoS attacks can be automated with relative ease.
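Because the team's attention is on inbound traffic, one check worth automating is outbound volume per internal host while a DDoS alert is active. The sketch below is an added example, not from the article or from StormWall; the flow tuple format, host names, thresholds and sample data are all constructed assumptions.

```python
from collections import defaultdict
from statistics import median

def in_window(minute, windows):
    return any(start <= minute <= end for start, end in windows)

def egress_during_ddos(flows, windows, factor=5.0, floor=10_000_000):
    """Flag hosts whose outbound bytes in a DDoS-alert minute exceed
    max(factor * their own quiet-period median, floor)."""
    baseline = defaultdict(list)  # host -> bytes/min outside alert windows
    during = defaultdict(list)    # host -> (minute, bytes) inside a window
    for minute, host, out_bytes in flows:
        if in_window(minute, windows):
            during[host].append((minute, out_bytes))
        else:
            baseline[host].append(out_bytes)
    findings = []
    for host, samples in during.items():
        # No quiet-period history: baseline 0, so only the floor applies.
        base = median(baseline[host]) if baseline[host] else 0
        threshold = max(base * factor, floor)
        hits = [(m, b) for m, b in samples if b > threshold]
        if hits:
            findings.append({"host": host, "baseline": base,
                             "minutes": [m for m, _ in hits],
                             "bytes": sum(b for _, b in hits)})
    return sorted(findings, key=lambda f: f["bytes"], reverse=True)

def build_sample():
    """Constructed data: 30 minutes of flows, DDoS alert in minutes 10-20."""
    flows = []
    for minute in range(30):
        attack = 10 <= minute <= 20
        # Public web front end: heavy egress is normal, slightly up under load.
        flows.append((minute, "web-01", 220_000_000 if attack else 200_000_000))
        # Workstation: small rise, stays under the floor.
        flows.append((minute, "ws-33", 3_000_000 if attack else 1_000_000))
        # Database host: two large outbound bursts during the alert.
        flows.append((minute, "db-07", 900_000_000 if minute in (12, 13) else 2_000_000))
    return flows

if __name__ == "__main__":
    for f in egress_during_ddos(build_sample(), [(10, 20)]):
        print(f"{f['host']}: {f['bytes']} bytes out in minutes {f['minutes']} "
              f"(quiet-period median {f['baseline']}/min)")
```

Comparing each host against its own quiet-period median keeps the busy web server from drowning out the database host, whose normal egress is small.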

But even when not used as a smoke screen, DDoS attacks are becoming increasingly popular. A recent report from Qrator Labs claims that the number of DDoS attacks will increase “significantly” in 2022, with minimum numbers for the past ten months being “significantly higher” than past peaks.

The duration of DDoS attacks has increased tenfold in just a year, which also points to the attackers having more capable hardware.
