16 December 2021
DDoS Attacks in the U.S.
What is the most attractive target for DDoS attacks today? This is a rather naive question. A successful business with great potential is always the number one target. The concentration of successful companies in the United States is undeniable, which increases the special interest of hacker groups.
The Covid-19 pandemic has had a devastating effect on the global economy. To cope with this outbreak, U.S. authorities have engaged in a record-high volume of fiscal stimulus. Cyber groups are not concerned about individual national debt figures. They are concerned about the lump-sum benefits, which have reached unprecedented levels.
High-profile DDoS Attacks on the World's Most Powerful Economy
In 2000, an ordinary teenager known as "Mafiaboy" decided to hack into several major websites. These were the online resources of CNN, Dell, and part of the e-commerce industry: eBay and Yahoo. At the time, some of these resources were considered the most popular search engines in the world. This attack had disastrous consequences and caused chaos in the stock market.
In 2012, six reputable U.S. banks suffered serious DDoS attacks. They were Bank of America, JPMorgan Chase, U.S. Bank, Citigroup, Wells Fargo, and PNC Bank. Financial institutions lost contact with their servers because of a botnet called BROBOT. This botnet generated 60 gigabits of DDoS attack traffic per second and caused a lot of problems for the founders of the banking structure. It was believed that the attack was carried out by the "Izz al-Din al-Qassam Brigades", which was the military wing of the Palestinian organization Hamas.
In the fall of 2016, Dyn, a company that provides domain and email registration services for U.S. users, was attacked. The operator of the Mirai software had published its source code on various hacker forums, hoping it would mutate further. As a result, a major DNS domain name registration service provider was hit with a traffic stream of one terabit per second. This set a new record for a DDoS attack and was a real disaster for Dyn. Access to GitHub, HBO, Twitter, Reddit, PayPal, Netflix, and Airbnb was lost for a while.
The year 2020 was marked by a large number of DDoS attacks. This was due to different events: the presidential elections and the transition of schools to distance learning. In the first case, hackers tried to attack voter registration services, but online resources were able to withstand the threat. Learning platforms proved less prepared for DDoS attacks. In the fall of 2020, many Massachusetts schools experienced communication outages. This was perceived as a temporary equipment failure. Only later did they learn about the DDoS attack with a lot of garbage traffic.
These are all links in the same chain. Although the affected parties claim that they were able to prevent the attacks, they say little about the true consequences of what happened. The risk of large-scale data theft always remains high.
2021 Sets a New Rhythm
Today, DDoS attacks have become a real problem for the United States. For example, the Alaska Department of Health is still recovering from the May 2021 cyberattack. The true impact of the hack and the extent of the theft of user data remain in question. The Department of Health and Human Services (DHSS) is urging citizens to take steps to protect their data. Some online DHSS services still have not been restored. There is no timeline as to when they will return to normal operations.
Hackers made a particular effort on July 4, the United States Independence Day. At that time, hundreds of American companies were attacked by extortionists who demanded millions of dollars in bitcoins. The attackers were linked to the famous REvil extortion hacker group, which has a Russian connection. The cybercriminals exploited numerous previously unknown vulnerabilities in IT management software. DDoS attacks targeted schools, small public sector agencies, travel and leisure organizations, credit unions, and many other companies.
Lately, DDoS operators have been building their capabilities through consolidation. They are gaining new power by working together. A recent example is the symbiosis of a group of cybercriminals under the fictitious alias Fancy Lazarus. It incorporated the names of two groups, Lazarus and Fancy Bear, which have long attacked various organizations around the world. The victims are predominantly U.S.-based companies, which are told to pay ransoms ranging from 10 to 20 BTC.
Ransomware threats using DDoS attacks as a tool are becoming commonplace. Attackers are targeting successful businesses from a variety of sectors. They claim profits from wineries, professional sports teams, ferry companies, and hospitals. Hackers have not left the front pages of North America's most famous newspapers, impacting our daily lives. DDoS attacks have risen to the top of the U.S. president's agenda, becoming the nation's top national security concern.