Thursday, August 27, 2015

DD4BC are DDoS attack driving force, new report claims

According to the 'Distributed Denial of Service Trends Report - 2nd Quarter 2015' published by VeriSign today, between the period April 1 to June 30 there was increased activity from the DDoS For Bitcoin (DD4BC) attack group. This came not only in the form of ransom threats – the ransom being demanded in Bitcoin hence the name – but also in those threats not being paid off turning into actual attacks. Most DD4BC attacks have traditionally been, and largely remain, within the one to five Gbps size range. The report says that the second most targeted industry sector for all DDoS attacks was finance and payments which made up some 22 percent of those mitigated by VeriSign, and this was largely driven by the DD4BC attack group. The VeriSign conclusions appear to tie in with those from other recent Internet threat reports such as Akamai's 'State of the Internet - Q2 2015' which concurs that many DDoS attacks were fuelled by actors such as DD4BC and those copying their ransom tactics and attack methodologies. Akamai reckons that the group "expanded its extortion and DDoS campaigns during April and May" and it has found itself protecting "a growing number of customers" from DD4BC attacks as a result. Akamai says that several customers have received ransom demands threatening DDoS attacks of between 400-500 Gbps if the money was not paid, although it hadn't seen anything larger than 50 Gbps in reality up until the time the report was published. It would seem that DD4BC do not have quite the resources to pull off the size of attack that it threatens, considering that VeriSign has also not seen anything approaching three figures as of yet from it, so is DD4BC actually just a bunch of (albeit fairly successful) chancers?