DDoS Attacks and Mitigation
A distributed denial of service (DDoS) attack is one in which a multitude of compromised systems attack a single target, thereby causing denial of service for users of the targeted system. According to the Netscout DDoS Threat Intelligence Report, cybercriminals launched almost 7.9 million DDoS attacks in the first half of 2023, representing a 31% year-over-year increase.
What is DDoS mitigation?
DDoS mitigation is the process of effectively safeguarding a targeted server or network against distributed denial-of-service (DDoS) attacks. This protection is achieved through the use of specialized network equipment or cloud-based protection services, enabling the targeted victim to counter the incoming threat.
A 1H 2021 threat intelligence report from NetScout found that 5.4 million DDoS attacks were launched in the first half of 2021, which shows an 11% year-on-year increase. DDoS attacks are typically launched using botnets to overwhelm a target’s servers. It was also reported that there was a rise in cybercriminals targeting ISPs in 2021 via the Lazarus DDoS extortion campaign, focusing on authoritative domain servers. These DNS servers match IP addresses with domain names and provide details on where websites can be found to recursive DNS nameservers.
In addition to the Lazarus DDoS extortion campaign, the report also showed that adversaries used tracked botnet clusters worldwide to facilitate over 2.8 million DDoS attacks. The Gafgyt and Mirai botnets made up more than half of these reported attacks. The report states, “Ransomware gangs added triple-extortion DDoS tactics to their repertoire. Simultaneously, the Fancy Lazarus DDoS extortion campaign kicked into high gear threatening organizations in multiple industries with a focus on ISPs and specifically their authoritative DNS servers.”
While the Fancy Lazarus DDoS extortion campaign hit hard in 2021, the Mirai botnet has historically been ma