Report: DDoS attacks increasing year on year as cybercriminals demand extortionate payouts

John Leyden 10 January 2022 at 16:06 UTC
Updated: 10 January 2022 at 16:59 UTC

Crooks attempt to cash in by upping the ante

DDoS attacks are increasing with cybercriminals often demanding extortionate payouts

Distributed denial-of-service (DDoS) attacks are increasingly being accompanied by extortionate demands against their victims, according to annual survey from Cloudflare.

Ransom-motivated DDoS attacks increased 29% year-on-year and 175% between Q3 2021 and Q4 2021, according to the study on cyber-attack trends.

In December alone, one out of every three Cloudflare clients who responded to a survey reported either being targeted by a ransom DDoS attack or being threatened by an attacker.

Catch up on the latest DDoS attack news and analysis

The manufacturing industry was the most attacked in Q4 of 2021 by application-layer DDoS attacks, recording an alarming seven-fold (641%) increase in the number of attacks. The business services and gaming/gambling industries were the second and third most targeted industries by application-layer DDoS attacks.

A new botnet called the Meris botnet emerged in mid-2021 and became the source of multiple high-volume application-layer DDoS attacks, Cloudflare said.

Application-layer DDoS attacks typically attempt to disrupt the operation of a targeted organization’s web server by bombarding it with fake requests, thereby making it unable to process genuine requests efficiently or (worse yet) crash.

Peeling through the layers

In Q4 2021 – November specifically – Cloudflare recorded a persistent ransom-motivated network-based DDoS campaign against VoIP providers around the world.

SYN floods and UDP (User Datagram Protocol) floods were the most frequent attack vectors, but the period also witnessed a big increase in SMTP-based network-layer DDoS attacks.

Commenting on the results, John Graham-Cummings, Cloudflare’s CTO, told The Daily Swig: “Q4 was very busy for DDoS attacks on the internet. We saw a big increase in random DDoS attacks as well as standard network-level DDoS aimed at knocking a service offline.

“This all points to DDoS attacks being relatively easy to perform and, via ransoms, a way to make money.”

YOU MAY LIKE Kazakhstan government shuts down internet following country-wide protests