In short, DDoS attacks are here to stay. Knowing how their tactics are changing and who is most at risk
            is crucial in defending against them, regardless of business size.



            Ease of executing DDoS attacks

            2022 saw a continuing evolution of sophisticated DDoS activities, with greater concentration occurring in
            certain industries and a change in the manner of attacks. While certain industries are at higher risk, all
            sectors remain vulnerable.

            As they’ve evolved, these attacks have remained prevalent for several reasons. For one, they are quick
            and sudden. For instance, short-burst attacks under 10 minutes long were the most common in 2022.
            These attacks are harder to detect, especially if organizations try using firewall rate-limiting policies to
            stop  them,  rather  than  carrier-grade  services.  Multiple  short-duration  attacks  exhaust  IT  resources
            because the next one starts before the organization can deal with the last one. What’s more, short-
            duration attacks are much harder to detect. While IT remains in an endless loop of dealing with multiple
            attacks,  adversaries  can  use  the  distraction  as  a  smokescreen  to  execute  more  insidious  attacks
            elsewhere. The short and abrupt nature of the attacks creates ideal circumstances for hackers.

            DDoS attacks are also incredibly easy and cheap to create. Tools like botnets or other devices can be
            bought or rented online to carry out DDoS attacks for low prices. The cost of a 100 Gbps attack on the
            dark web is just around $20. And, carrying out a DDoS attack requires little to no technical knowledge,
            unlike a few years ago when a determined attacker needed to assemble their own botnet. All the attacker
            needs to know is the target IP address or range of IP addresses they want to attack. The ease with which
            these attacks can be carried out makes them a popular choice for adversaries.



            The most targeted and susceptible businesses

            All businesses,  regardless of industry, are targets of DDoS attacks. However, we found that certain
            verticals are more targeted. It’s also important to note that attackers do not discriminate based on the
            size of an enterprise. Risks typically ebb and flow for each industry. However, there are several industries
            that have remained most vulnerable.

            Education is one of the most commonly targeted verticals for DDoS attacks, accounting for 46% of attacks
            in 2022. In addition to the accessibility of DDoS attacks, the volume of technology used in schools and
            free WiFi make them easy targets. Computers and tablets are essential for students now, and as schools
            embrace these technologies, they don’t always account for the risks they bring. There have even been
            reports of students boasting about disrupting their school's internet to avoid work. If the internet goes
            down at a school, the majority of work stops. Today, grading, projects, homework, and exams are all
            hosted in Software-as-a-Service (SaaS) applications in schools everywhere. With so much work and data
            hosted in one place, an attack can be detrimental.










            Cyber Defense eMagazine – October 2023 Edition                                                                                                                                                                                                          149
            Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.