In a dramatic move, nearly fifty of the world’s largest booter services used to launch extensive distributed denial-of-service (DDoS) attacks have been taken down as part of an international crackdown operation. Websites, resources, databases, and even people around the world have been seized or arrested during the proceedings.
The operation, known as ‘Power Off’ is a collaborative effort between law enforcement in the United States, the United Kingdom, the Netherlands, Poland, and Germany. It aims to take action against DDoS attackers and enablers which are posing an ever-increasing threat to international security and critical infrastructure.
Operation power off
Major security players such as the US Department of Justice (US DOJ), Federal Bureau of Investigation (FBI), and Europol’s European Cybercrime Center have played a vital role in the operation.
As a previously concealed project, the operation chose its first targets in the ‘booter services’ category. Booter services, a recent cybercriminal option, has effectively lowered the entry barrier into cybercrime. Any low-skilled individual could launch serious DDoS attacks with a click of a button for a fee as low as €10.00.
However, the security departments have stated that they’re making no exceptions and that all DDoS attacks - no matter how small - are taken seriously. Already, a service that was used to carry out over 30 million attacks has been disabled, and seven administrators in the United States and the UK have been arrested, with more under threat.
Why nations are taking DDoS seriously
It’s clear to see that world leaders are beginning to tackle the threat of DDoS attacks and cybercrime. The ongoing Russia / Ukraine situation has demonstrated that they can completely cripple a nation’s critical infrastructure. As Russian ground forces prepared to invade in February 2021, Ukrainian governmental departments, online media organizations, financial firms, and hosting providers were slammed with a surge of distributed denial-of-service (DDoS) attacks, increasing in severity as Russia ramped up its aggression.However, Ukraine and its allies hit back, adding to the online war being waged between the two nations: Russian infrastructure and support services were hit with various DDoS attacks, seeing a 236% increase between February and March.
DDoS attacks can:
- Disable healthcare services
- Flood and confuse delivery of relief efforts
- Knock-out utilities
- Overload power stations
- Create a smokescreen for more severe attacks
Today, the opening salvo between forces and even terrorists is launched online with DDoS attacks. It is quickly becoming the go-to option as a response to geopolitical conflict due to its speed and ease of execution. Governments of the world are quickly beginning to realize this and are taking both reactive and proactive action, investing in security, cracking down on criminals, and, in the case of Switzerland, avoiding potential avenues of attack entirely with SCION.
Why it matters to you
Of course, DDoS attacks are not just an important element to consider if you’re a world leader. Businesses of all sizes and industries are the victims of DDoS attacks on a regular basis - and they’re not easy to resolve.
The cost of DDoS attacks
The average DDoS attack of 2021 lasted around 30 minutes, but today they average 50 hours. When you consider that DDoS attacks can cost businesses an average of €20,000.00 for every minute of downtime, the math paints an extremely grim picture for most large enterprises.
The prevalence of DDoS attacks
Many companies may believe that DDoS attacks are something that happens to other businesses - but this is a careless approach to the problem. According to the latest "DDoS Threat Intelligence Report," Netscout reported more than 6 million attacks in the first half of 2022, making it a record-setting year for DDoS. Techjury predicts that 23,000 DDoS attacks happen somewhere through the internet every 24 hours.
The lack of accountability
While enablers of DDoS attacks have been revealed through international efforts like Operation Power Off, Actual perpetrators of DDoS attacks are nearly impossible to trace. Most attacks are distributed over hundreds and thousands of other devices - many of which may be unwitting participants.
What you can do about it
Many organizations and governments from around the world are seeking the answer to this exact predicament. Proactively weeding out enablers and attackers through initiatives like Operation Power Off demands a substantive and concentrated effort from powerful actors. The majority of companies, individuals, and nations don’t have access to these resources or skills and so turn to more reactive or protective measures.
Reactive approaches to DDoS attacks often respond too late, causing a degree of expensive downtime before resolving. In addition, teams dedicated to cyber security are often preoccupied with DDoS attacks while the real cyber threat slips by undetected.
Protective measures face a similar problem - but often come with a harsh price tag. Standard protection is currently $2,714.22 per month plus additional data charges and offers no guarantees for complete security. The bottom line is if juggernauts like Facebook, Amazon, and Google itself cannot be 100% safe from DDoS attacks, neither can you.
However, there is one way to completely prevent or mitigate DDoS potential.
The key is to avoid the issue entirely.
SCION - a better alternative
Nations like Switzerland are protecting their financial, healthcare, and other critical infrastructures by taking their most important data off the grid entirely. SCION, as provided by Anapaya, enables organizations and nations to take control of their connectivity, effectively rendering their communications and data exchanges invisible to would-be attackers.
With additional features like geofencing, lightning-fast failover, and boosted cloud connectivity that goes beyond VPNs, it’s the perfect choice for business in the age of remote work.
If you are ready to protect your data and communications from DDoS attacks, contact Anapaya today.