DDoS attacks hit 15% more websites in 2018
In 2018, the number of websites hit by DDoS attacks went up by 15 per cent compared with 2017. The figures come from research by NBIP and SIDN, reported in detail by Dutch TV current affairs programmes NOS Journaal and EenVandaag last Sunday.
New measurement method
The decision to repeat the previous year's survey was taken following the publication of The impact of DDoS attacks on Dutch enterprises in November. That report combined our data on domain names with figures from the national traffic scrubber, NaWas to shed light on the damage that DDoS attacks can cause.
DDoS attacks increasingly targeted
In the earlier research, a spike in attacks on e-commerce websites was observed during December 2017. The repeat survey was therefore intended to establish whether a similar seasonal pattern was visible in 2018 as well. And it was. Indeed, even more e-commerce websites came under fire in 2018 than the year before. The highest peaks were visible just before the feast of St Nicholas (an important present-giving occasion in the Netherlands) and in the run-up to Christmas. More than 2,500 unique webshops were hit in December. Private website and business sites without webshops were affected less often last month.
Attackers often young
As part of its feature, NOS interviewed a nineteen-year-old suspect, who had been carrying out attacks for three years. It's a familiar perpetrator profile. One that helps explain why schools and colleges are often targeted. Especially around 8:30am, when lessons usually begin. However, there was no school holiday peak in 2018. That may have been partly due to the unusually hot weather -- things were very quiet throughout the summer. December and January saw easily the highest rates of attack.
Protect your website
Various highly effective options are available for protecting business and non-business websites against DDoS attacks. Your registrar or hosting service provider can tell you about the measures already in place. We also recommend reporting incidents to the police. It may seem like a lot of trouble, but research has shown that attackers often make repeat assaults and, if they aren't stopped, go on to get involved in other forms of cybercrime.