
FBI crackdown on DDoS-for-hire sites led to 85% slash in attack sizes

According to a new report, average and maximum DDoS attack sizes decreased by 85.36% and 23.91%, respectively.

In December, the FBI seized the domains of 15 of the world’s biggest “booters” (websites that sell distributed denial-of-service, or DDoS, services) – a crackdown that’s led to an 85% decrease in the average size of DDoS attacks on a year-on-year basis, according to a new report.

According to NexusGuard’s DDoS Threat Report 2018 Q4, the number of DDoS attacks also fell by 10.99% when compared with attacks during the same time in 2017.

That’s thanks to the FBI taking down the booters that were allegedly responsible for what the DDoS security provider says was more than 200,000 DDoS attacks since 2014.

Besides the drop in overall activity, both the average and the maximum DDoS attack sizes also dropped like rocks – by 85.36% and 23.91%, respectively, according to NexusGuard’s analysis.

DDoS-for-hire sites sell high-bandwidth internet attack services under the guise of “stress testing.” One example is Lizard Squad, which, until its operators were busted in 2016, rented out its LizardStresser attack service, which was, suitably enough, given a dose of its own medicine when it was hacked in 2015.

You might remember Lizard Squad as the Grinch who ruined gamers’ Christmas with a DDoS against the servers that power PlayStation and Xbox consoles – an attack it carried out for our own good.

For our own good, as in, these server clogger-uppers didn’t feel bad: some kids would just have to spend time with their families instead of playing games, one of them said at the time.

The 85% reduction is good news, but it’s not cause to let down our guard. NexusGuard believes that the 15 services kicked offline by the FBI represented 11% of all attacks worldwide. While the shrinkage in attack bandwidth has shown that the crackdown was effective, it’s likely just a drop in the bucket when it comes to the tsunami of internet e-gunk that people pay these services to hurl.

Juniman Kasman, chief technology officer for NexusGuard:

Seizing command-and-control servers, booters and other resources has been a big part of the FBI’s fight against cybercrime. But this shutdown only scratches the surface of a global problem.

Where are these attacks coming from?

China has the dubious distinction of being the top spot for launching DDoS bots – accounting for 23%, followed by the US with 18%. That’s not surprising, NexusGuard notes, given that the US and China also account for around a third of the total online population.

Rounding out the top five were France (7%), Russia (4%), and Brazil (2.5%).

4 Comments

On what scheme does the USA have the authority to interfere with the workings of international jerks who attack other international jerks? Just because we like the result, does not give license to the US Empire to imprison these clowns.


They don’t and didn’t. AFAIK in this case the FBI seized US domains and were investigating attacks against Americans in America by Americans in America. (Nothing to stop them working in harness with other countries to co-ordinate seizures, takedowns, takeovers, arrests and trials, but the FBI itself can’t arrest people who are in other countries.)

In this case the alleged crooks who got arrested were from Illinois and California.
