Distributed Denial of Service (DDoS) is getting more sophisticated and intricate while becoming cheaper and easier to carry out. This trend is fuelled by the sheer amount of insecure internet-connected devices (specifically IoT products) that cybercriminals take advantage of.
DDoS attacks aren’t a new thing and have been a challenge for many years. The cyber attackers usually gain control of a device and direct its internet traffic at a target to take the victim offline.
When this happens, individual users and businesses are not able to access the digital services they need. This is mainly a big concern during the coronavirus pandemic, where many people are forced to be more dependent on digital services than ever before.
Causing disruptions with DDoS is easier than ever before
According to researchers at Digital Shadows, carrying out DDoS is increasingly becoming cheaper and easier than before. As such, even the less technically skilled cybercriminals can execute DDoS attacks. According to the research, cybercriminals provide DDoS services at a cost as low as $7 for carrying out disruption with a lifespan of anything from minutes to several hours.
If the attacker wants the disruption to last for a couple of hours, they need to pay more.
However, the price charged now is almost three times compared to what was charged in 2017 (an average of $25). This implies that DDoS-as-a-Service supply has significantly increased over the last three years.
The reason behind the low cost of DDoS attacks
The main reason why DDoS attacks are increasingly becoming cheaper and easier to execute is the proliferation of IoT devices. A significant number of IoT devices come with default passcodes and usernames. This means hackers can take control of them easily.
The second reason is that owners of the devices are not likely to notice when their devices have been compromised and that the traffic they generate is being exploited to assist in taking the target of the cybercriminals offline.
Lastly, the popularity of DDoS-as-a service has grown, and it is providing cybercriminals an easy way to make easy money. This service’s nature makes individuals or a group execute DDoS attacks while making tracking of their activities harder.