The report details how the second half of 2021 established high-powered botnet armies and rebalanced the scales between volumetric and direct-path (non-spoofed) attacks.
Although threat actors have monetized DDoS threats and attacks in the past, we believe that popularization of cryptocurrency, willingness of some organizations to meet extortion demands (as was seen in the ransomware attack on Colonial Pipeline), and affordability of DDoS as a service (DDoSaaS) have encouraged threat actors to pursue these kinds of activities.
Our security team tracks DDoS weapons and their behaviors and reports on their frequency and impact over the last several years. Our latest H1 2021 DDoS Attack Mitigation: Global State of DDoS Weapons Report provides detailed insights into the origins of DDoS activity, highlighting how easily and quickly modern malware can hijack IoT devices and convert them into malicious botnets.
A study by Accenture revealed that less than half of new employees receive cybersecurity training and regular updates throughout their career. Just four in ten respondents said insider threat programs were a high priority.
Some of the tactics attackers use to coerce victims into paying are ruthless and could potentially be more damaging to an organization than a period of downtime. Attackers deliberately try to undermine their target’s relationships, trust and reputation. Sometimes the approach they take is very public; at other times, it’s more direct and personal.