DDoS attacks increasingly used as smokescreen for other security threats

Everyone who understands what a Distributed Denial of Service (DDoS) attack is fears the day it happens to their organisation. It’s a blunt, crude weapon, but it can render you completely powerless. Thing is, DDoS is increasingly being used as a smokescreen for much more serious security threats.

According to new research released by internet security firm Kaspersky, 74% of respondents representing the corporate sector reported that DDoS attacks against their companies coincided with other IT security incidents. Sometimes these are not coincidences, but deliberate attempts to distract IT personnel.

Known as DDoS smokescreening, the approach may have arisen because organisations don’t treat DDoS as a serious enough threat.

Read more: Why parents must teach their children about internet security

In the survey, respondents most often cited malware (21%) and hacking (22%) as the number one threats to their companies, while DDoS was chosen as the most dangerous threat by only six percent. At the same time, DDoS attacks often coincide with malware incidents (in 45% of all cases), and corporate network intrusions (in 32% of all cases).

According to Kasperky, Data leaks were also detected simultaneously with an attack in 26% of cases. Construction and engineering companies encountered this problem more often than others: according to respondents, 89% of DDoS attacks on these companies coincided with other types of attacks.

Even without taking collateral damage into account, DDoS attacks remain a serious problem that increasingly affects company resources. Kaspersky’s research revealed that in 24% of all cases a DDoS attack caused services to be completely unavailable (39% for government-owned companies). In 34% of all cases, some transactions failed due to such attacks (64% for transport companies).

Read more: Security and the Internet of Things: what you need to know

Last year, these figures were significantly lower: only 13% of companies reported that their services had become completely unavailable due to DDoS attacks, while errors in transactions were experienced by 29% of companies as a result of such attacks.

Significantly longer page loading times remained one of the most common consequences of DDoS attacks (53% this year vs. 52% last year); however, according to the survey, attacks can last for days or even weeks.

“It is natural that DDoS attacks are increasingly causing companies problems. The methods and techniques used by criminals are evolving, with attackers looking for new ways of ‘freezing’ their victims’ operations or masking intrusion into their systems. Even with a large staff of IT professionals it is almost impossible for companies to handle a serious DDoS attack and recover their services on their own. Moreover, if other malicious activity is going on at the same time, this multiplies the damage. The most dangerous part is that companies may never learn they were subjected to DDoS smokescreening,” says Evgeny Vigovsky, Head of Kaspersky DDoS Protection, Kaspersky Lab.