- Home >
- Services >
- Access to Knowledge >
- Trend Monitor >
- Type of Threat or Opportunity >
- Trend snippet: DDoS attacks to deny outsiders the access to a system or service were the third most prominent threat identified by European cybercrime investigators in 2018.
Trends in Security Information
The HSD Trendmonitor is designed to provide access to relevant content on various subjects in the safety and security domain, to identify relevant developments and to connect knowledge and organisations. The safety and security domain encompasses a vast number of subjects. Four relevant taxonomies (type of threat or opportunity, victim, source of threat and domain of application) have been constructed in order to visualize all of these subjects. The taxonomies and related category descriptions have been carefully composed according to other taxonomies, European and international standards and our own expertise.
In order to identify safety and security related trends, relevant reports and HSD news articles are continuously scanned, analysed and classified by hand according to the four taxonomies. This results in a wide array of observations, which we call ‘Trend Snippets’. Multiple Trend Snippets combined can provide insights into safety and security trends. The size of the circles shows the relative weight of the topic, the filters can be used to further select the most relevant content for you. If you have an addition, question or remark, drop us a line at info@securitydelta.nl.
visible on larger screens only
Please expand your browser window.
Or enjoy this interactive application on your desktop or laptop.
DDoS attacks to deny outsiders the access to a system or service were the third most prominent threat identified by European cybercrime investigators in 2018.
While denying a public or private sector entity access to its own data may be the primary threat in this year’s report, denying others access to that entity’s data or services was the third most significant threat highlighted by European cybercrime investigators. Of all the motivations behind such attacks those with an extortion element were overwhelmingly the most prevalent.
As in last year’s report, while extortion was the primary motivation behind DDoS attacks reported to European law enforcement, attacks of an ideological/political nature were also common, as were attacks without an apparent motive and which appeared purely malicious.
Where stated, the most commonly identified targets were financial institutions, and public sector entities such as police or local governments. Other targets included the likes of travel agents, internet infrastructure, and services related to online gaming.
Such was the case in February of 2018, when two record breaking DDoS attacks of 1.35 terabytes per second and 1.7 terabytes per second were launched against attack against code depository GitHub, and an unnamed United States-based website respectively. Attacks in 2019, however, trumped these figures. At the start of 2019, Imperva’s DDoS Protection Service mitigated a DDoS attack against one of its clients which crossed the 500 million packets per second (mpps) mark. That is more than four times the volume of packets sent at GitHub in 2018. In addition, the company believed at the time, it was the largest PPS attack publicly disclosed30. In April 2019, this belief became obsolete, as Imperva recorded an even larger attack against its clients of 580 mpps.
These DDoS attacks have serious consequences as they paralyse organisations, including parts of critical infrastructure such as banks, as well as continuously forcing them to increase their mitigation capacity to ensure business continuity.
Operation Power Off was executed in April 2018, led by the Dutch Police and the UK’s National Crime Agency, and supported by Europol and a dozen law enforcement authorities from around the world. The operation resulted in
the takedown of webstresser.org — considered at the time to be one of the world’s largest marketplaces for hiring DDoS services — with over 150 000 registered users, and the source of 4 million attacks. A year later and the success of the operation still resonates. Moreover, the activity continues as several law enforcement authorities pursue the users of these services, and target other DDoS-for-hire services27.