Analysts at Rostelecom calculated that over the three quarters of 2021, the number of DDoS attacks on Russian companies increased 2.5 times compared to the same period last year, and their average power increased by 26%. The main targets of cybercriminals are financial organizations, the public sector, and the online trading industry.
At the same time, the number of DDoS attacks on data centres and gaming, which a year ago were in the focus of hackers’ attention, decreased: in the gaming segment, the drop was 35%, and the interest of hackers in data centres fell by a quarter.
The researchers write that the largest number of attacks traditionally fell on organizations located in Moscow: during this period, their share amounted to 60% of the total number of incidents. The shares of other regions do not exceed 7%. The capital also leads in terms of the average power of DDoS attacks, which leaves more than 70 Gbps.
The main victims of hackers and their tools are similar in different regions. Thus, the number of DDoS attacks on banks (including those from the TOP-20) increased 3.5 times, but almost 90% of them occurred in September. The surge in DDoS attacks on the banking sector during this period was also recorded by other cybersecurity service providers, at the same time, public sources noted that a number of financial structures faced downtime of their online resources.
Online trading also remained in the focus of hackers’ attention: the number of DDoS attacks in this segment increased by 20%. The peak of hacker activity occurred at the beginning of the year, and the largest number of incidents was recorded in March. After a slight lull, attacks began to rise again in August. Experts believe that until the new year there will be a traditional upward trend in the number of DDoS attacks associated with Black Friday and New Year’s sales, which begin in November and continue until February next year.
The third industry that showed obvious growth (by 17%) was the public sector. In particular, the number of DDoS attacks doubled in August and September compared to the same period last year. Researchers do not exclude that attacks on state resources during this period could be associated with preparations for the elections to the State Duma.
Along with the number of attacks, their average power increased by 26%. And the value of the most powerful attack (462 Gbps) is one third higher than the peak value of the first three quarters of 2020. The longest attack in the reporting period lasted almost 4.5 days (a year earlier this figure was about 3 days).
At the same time, it is emphasized that hackers use already known techniques for organizing DDoS and no new tools appear. It is noteworthy that fragmented packet attacks (FRAG) were used twice as often during the reporting period. This is a relatively complex DDoS tool that involves sending multiple fragmented data packets to the victim. The server tries to process them but is unsuccessful because it cannot put the pieces together, which causes the failure.
Catch up on more stories here