Posted on: July 19, 2023, 08:16h.
Last updated on: July 19, 2023, 10:50h.
Dedicated Denial of Service (DDoS) attacks create havoc, causing websites to go offline and IT departments to scramble to stop them. While there are different reasons why someone launches a DDoS attack, a new report suggests that many that target online gambling and other sites don’t originate from China or Russia. Instead, they come from the U.S.
Tech Business News compiled data from Cloudflare, a U.S.-based global cybersecurity company, that shows a 15% increase in attacks between the first and second quarters of the year. This is despite a 35% drop during the last six months of 2022.
In the third quarter of last year, Cloudflare detected 7.5 trillion attack requests. By the first quarter of this year, the figure dropped to 4.7 trillion before spiking again last quarter.
DDoS Attacks on the Rise
These DDoS attacks specifically target websites and API (Application Programming Interface) gateways. The gateways serve as the frontline for companies like iGaming operators, providing a central point of access. From there, the operator can route the user to the area he or she selects on the platform.
At the top of the list of targets for the attacks are cryptocurrency platforms. Cloudflare’s data showed that six of every 10,000 HTTP (hypertext transfer protocol) requests to crypto sites were part of an attack. That request is what is sent when someone enters a website URL into the browser to visit a site.
After crypto sites, gaming and gambling sites were next, with marketing and advertising sites collectively taking third place. Nonprofits aren’t immune, either, with 12% of DDoS traffic targeting them.
Russian, North Korea, and China have repeatedly been associated with DDoS attacks, particularly with those that look to break into crypto accounts. The US government believes North Korean hackers have stolen more than $3 billion in crypto, with DDoS attacks helping to find weaknesses.
Chinese hackers have repeatedly launched DDoS attacks on crypto targets. Recently, they’ve also been involved in breaches of U.S. government email accounts, including those of officials at the State Department.
“Hacktivists” with the REvil, Killnet, and Anonymous Sudan groups, which all support Russia, led a number of DDoS attacks in the quarter. They were mostly targeted at websites that supported “Western interests.”
According to Cloudflare’s research, none of these can be blamed as the primary source of the increased number of DDoS attacks. That honor goes to the U.S., which it calls “the primary source of HTTP DDoS attacks in terms of attack traffic volume.” Next is China, followed by Germany.
Attacks Become Regional
The second quarter of the year saw Israel record a “significant increase” in attacks in terms of total DDoS attack volume. That was enough to put it in fourth place for targeted attacks.
In first place is the U.S. Not only is it the source of most attacks, but it is apparently also the target. Canada and Singapore follow the U.S. in second and third.
Europe’s gaming and gambling ecosystem was the leading target of all gaming ecosystems. The marketing and advertising ecosystem in the US had the majority of the attacks of this segment.
The primary cryptocurrency target for attacks was the Asia market. At the same time, the “sporting goods” market in South America appeared to be a popular target for DDoS attacks.
A DDoS attack is made possible by flooding the target website with simultaneous requests from different IP addresses. One particular attack in the quarter targeted an unspecified ISP in the U.S., with the attack volume reaching 1.4 terabits per second.
These attacks, which almost anyone can launch with very little knowledge of the internet, aren’t always generated for financial gain. Sometimes, they’re meant to simply disrupt a website’s activity. If too many requests are received at once, the website, depending on its hardware and security, may not be able to handle them all. As a result, the site crashes, something commonly seen when one gaming-related company gets jealous of another’s success.
It’s virtually impossible to effectively mitigate the attacks 100%. There are measures websites employ to reduce the possibility of an attack, but that requires the website to be proactive and spend the money necessary to protect itself.
Related News Articles