DDoS Attacks Increasingly Used as Smokescreen for Malicious Activities, New Report Says

StormWall experts recorded a growing trend of cybercriminals using DDoS as a means to conceal multi-vector cyberattacks worldwide. According to the company’s experts, the number of DDoS attacks used as a smokescreen increased by 28% globally in January 2023 compared to the same period in 2022. The research was based on data from StormWall’s clients.

The primary objective of multi-vector attacks is to disable an organization’s IT infrastructure or breach a system, gaining unauthorized access to confidential data, StormWall experts say. The stolen sensitive information can then be used for extortion or blackmail. 

In these complex incidents, DDoS attacks were intended as a way of diverting attention from ongoing infiltration or data exfiltration activity. If the targeted company lacked a reliable anti-DDoS solution, the security team was forced to allocate all their resources to respond to the attack, which weakened their ability to defend against other threats.

During January 2023, the fintech, retail and gaming industries experienced a particularly large number of “DDoS smokescreen attacks.” These incidents increased by 71% in the fintech sector, 51% in retail and 47% in the gaming sector compared to the same period in the previous year. The education industry saw a 16% rise, healthcare a 14% increase and telecom 8% growth during the same period.

In the US, we tracked the largest surge in DDoS attacks used as a smokescreen for other hacks. In January 2023, there was a 32% increase in these incidents compared to the same period last year. China, in second place, had a 25% rise and the UK, in third place, a 17% rise.

In January, the highest number of cyberattacks that combined DDoS and malware was recorded in the fintech sector, StormWall experts note. Threat actors combined malware with Distributed Denial of Service attacks to try to infiltrate the networks and websites of fintech companies. If the hack was successful, the personal data of these companies’ customers would be exposed. Additionally, some adversaries were able to execute website defacement attacks, which involve changing the content on one or more pages of a website. It is important to note that fintech companies that used advanced anti-DDoS solutions managed to counteract DDoS attacks, giving their security teams additional time to focus on defending systems from other threats.

“When it comes to preventing multi-vector attacks disguised with DDoS, there are a few key steps companies can take. First of all, investing in professional DDoS protection is essential — this will free up the cyber security team to focus on other threats. Secondly, regular IT infrastructure security audits should be conducted — this will help identify any potential bottlenecks that increase the risk of a DDoS attack,” says Ramil Khantimirov, CEO and co-founder of StormWall.