Distributed denial-of-service (DDoS) attacks are increasingly being accompanied by extortionate demands against their victims, according to annual survey from Cloudflare.
Ransom-motivated DDoS attacks increased 29% year-on-year and 175% between Q3 2021 and Q4 2021, according to the study on cyber-attack trends.
In December alone, one out of every three Cloudflare clients who responded to a survey reported either being targeted by a ransom DDoS attack or being threatened by an attacker.
The manufacturing industry was the most attacked in Q4 of 2021 by application-layer DDoS attacks, recording an alarming seven-fold (641%) increase in the number of attacks. The business services and gaming/gambling industries were the second and third most targeted industries by application-layer DDoS attacks.
A new botnet called the Meris botnet emerged in mid-2021 and became the source of multiple high-volume application-layer DDoS attacks, Cloudflare said.
Application-layer DDoS attacks typically attempt to disrupt the operation of a targeted organization’s web server by bombarding it with fake requests, thereby making it unable to process genuine requests efficiently or (worse yet) crash.
Peeling through the layers
In Q4 2021 – November specifically – Cloudflare recorded a persistent ransom-motivated network-based DDoS campaign against VoIP providers around the world.
SYN floods and UDP (User Datagram Protocol) floods were the most frequent attack vectors, but the period also witnessed a big increase in SMTP-based network-layer DDoS attacks.
Commenting on the results, John Graham-Cummings, Cloudflare’s CTO, told The Daily Swig: “Q4 was very busy for DDoS attacks on the internet. We saw a big increase in random DDoS attacks as well as standard network-level DDoS aimed at knocking a service offline.
“This all points to DDoS attacks being relatively easy to perform and, via ransoms, a way to make money.”