Disruptive DDoS Attacks Can Be Accessible and Anonymous
In the fall of 2020, a high school student launched at least eight DDoS attacks that shut down the Miami-Dade County Public Schools online learning platform, the Miami Herald reports. Using “easy-to-download software,” he was able to bring virtual classes to a halt for three days.
That incident demonstrates one of the reasons that DDoS attacks have become so prevalent, Hummel says.
“The barrier to entry is superlow, it’s supercheap, and it can work,” he says. “It doesn’t take a sophisticated team of people. It can be a disgruntled 16-year-old who doesn’t want to go to school.”
In addition, compared to other cybersecurity threats, DDoS events are easier to launch anonymously, Hummel says. A false username and a masked IP address — via VPN access, for instance — obscure the trail of evidence.
“The majority of attacks are related to gaming and these attacks can have a financial motivation, as there are large amounts of money in the e-gaming industry and in underground betting," says Hummel.
In these sectors, DDoS may strike a broadband network with the goal of targeting players and disrupting a competition on which gamblers have placed bets.
Extortion is another common strategy. An attacker launches a demonstration DDoS and then sends an email demanding money and threatening an even bigger attack if the victim doesn’t pay. Here too, attackers have adapted their tactics, Hummel says.