The number of DDoS attacks in 2018 increased by 15% compared to 2017. Around the holidays in December, there was a noticeable peak in targeted attacks, primarily targeting web stores.
DDoS attacks are able to cause significant damage using relatively limited resources. When the website of an online store goes down during the holidays, it could cost the company millions in lost turnover. In early 2018, a number of DDoS attacks led to problems for the Dutch tax authorities, banks and national ID system. In retrospect, these attacks turned out to be the actions of lone wolves.
The police have been trying to take down the websites, known as booter and stresser sites, that make it possible to set up large-scale DDoS attacks in exchange for payment. According to Frank Groenewegen, Chief Security Expert at Fox-IT, it does not lead to the desired effect: “You can take fifteen of them offline, but if there are fifteen more still left, that won’t make any impact at all. Just a quick Google search, and the attackers will have found another one easily. As long as the attackers don’t feel like they’ll get caught, they will just continue doing what they’re doing.”
Young hackers are often unaware of the impact their DDoS actions have.
In many cases, these are young hackers operating on their own. It often starts out as online mischief, but what the attackers are doing is a punishable offence. “To many of them, it seems like nothing more than just pressing a button on their computer. They are often unaware of the impact their DDoS actions have,” says Groenewegen from Fox-IT. “A perfectly executed DDoS action could shut down half the country.”