We all know what a great year distributed denial-of-service (DDoS) attacks had in 2016. In the last four months, the web registered two significant DDoS campaigns. The first targeted Brian Krebs at a peak size of 620 Gbps. The second struck Dyn and, in so doing, took down Twitter, Amazon, Spotify and other clients of the DNS provider’s critical infrastructure.
2017 was far quieter in terms of DDoS attacks, by comparison. But not for want of trying on the part of computer criminals. Indeed, Arbor Networks detected 6.1 million campaigns through September 30.
This figure breaks down to 22,426 attacks per day, 934 per hour, and 15 per minute. Additionally, the provider of network monitoring software observed several massive DDoS campaigns in 2017, with one even surpassing the attack that struck Krebs at 622 Gbps.
Amidst these millions of attacks, a few stood out for their targets and consequences. Here are five campaigns in particular that deserve mention.
1. Melbourne IT
Domain name registrar Melbourne IT, as well as two of its subsidiaries Netregistry and TPP Wholesale, suffered a DDoS attack on April 13. The assault began at 10:00 local time, forcing the victimized organizations to inform customers that their cloud hosting and mailing platforms, among other services, were at the time unavailable.
By 11:30, the companies had returned normal service by implementing “our DDoS mitigation services as standard operating procedure and… international traffic management measures.” It took them another hour to tell customers that they had resolved the issues and that they would continue to monitor the situation.
At 09:20 PDT on August 24, a DDoS attack deluged web hosting provider and domain name registrar DreamHost, knocking its systems –particularly its DNS infrastructure – offline.
The Register‘s Iain Thomson believes the attack originated from those who opposed the company’s decision to take on as Punished Stormer, a reincarnation of the neo-Nazi Daily Stormer website for which CloudFlare terminated service following the Charlottesville protests, as a customer that same day. DreamHost mitigated the attack a few hours later.
3. UK National Lottery
After 19:00 local time on September 30, someone decided to target the UK National Lottery with a DDoS campaign. The attack knocked the Lottery’s website www.national-lottery.co.uk and its mobile app offline, which prevented many UK citizens from playing the Lottery without visiting a partner retailer to purchase a ticket.
By 23:00 local time, the bulk of the attack had died down. Even so, the Lottery’s website and app continued to experience lesser issues until 03:00.
Electroneum cryptocurrency startup had crowdfunded $40 million worth of Bitcoin and Ether following an initial coin offering (ICO). Just before it launched its mobile mining app on November 2, the company’s website suffered a DDoS attack.
The campaign led Electroneum to lock investors out of their accounts while it worked to restore its network access. In the meantime, the Financial Conduct Authority took a moment to remind investors that ICOs offer no protection, which means investors should “be prepared to lose [their] entire stake.”
5. Boston Globe
On November 8 at approximately 15:00 EST, the Boston Globe suffered what was likely a probe to gauge the anti-DDoS defenses of bostonglobe.com and other websites owned by the company. This initial wave disrupted the newspaper’s telephones. It also interrupted its editing system.
Subsequently, the bad actors took the results of their test and resumed their attack at 11:00 EST on November 9. In so doing, they prevented many Boston Globe employees from doing their jobs and rendered bostonglobe.com inaccessible. Relief eventually came in mid-afternoon when the company’s Internet service provider put effective anti-DDoS measures in place.
Some Advice for the New Year
In light of the DDoS attacks discussed above, it’s important that companies make sure they prepare themselves for 2018 and beyond. Technology firms will continue to work to take down DDoS botnets like WireX. However, organizations should make sure they’ve protected themselves with DDoS mitigation technologies in the meantime.
For additional advice on how to defend against DDoS attacks, click here.