Online Games and E-commerce Platforms, the Ones That Receive the Most DDoS Attacks

According to an OVH study, denial-of-service attacks are especially directed at these sectors and are also evolving in intensity and type to try to exploit vulnerabilities in the Internet of Things. The world of gaming and e-commerce platforms are the sectors most affected by a distributed denial of service attacks or DDoS attacks, according to an OVH study based on the analysis of the most attacked IP addresses over the past year and the profile of the users of these addresses. The cloud service provider has detected that online gaming services have been the most attacked, with Minecraft servers leading the way, followed by e-commerce platforms, which concentrate a high number of attacks regardless of their size:

The rest of the activities that receive attacks belong to very heterogeneous sectors: innovative startups, public administrations, and information websites are some of the most prominent, for reasons as diverse as the rivalry between competitors, disputes between users, or the censorship of media. communication.

But DDoS attacks don’t exclusively target the big hosting providers. All internet actors are exposed to these cyberattacks in one way or another. For this reason, the ability to anticipate these attacks, closely observing their evolution, and promoting the means to protect their users is key.

In a large majority of cases, the motivations of the attackers are financial: the attacks are launched to obtain funds directly through extortion. Other times they follow a more subtle strategy: they cause damage to competitors to attract their customers. And, although online games have been the sector that received the most DDoS attacks due to the rivalry between game administrators, these practices are not exclusive to the gaming sector. For example, there have been cases of anti-DDoS publishers launching attacks to then promote their protection products to the victims they attacked.

The Increased Volume of Attacks

This quantitative balance shows to what extent the distributed denial of service attacks continue to be a major concern for all internet players. Last year, 60,000 IP addresses other than OVH suffered at least one DDoS attack. VAC, OVH’s anti-DDoS protection system, detected an average of 1800 DDoS attacks per day, which is equivalent to about 50A 000 per month, with June being the month with the most attacks recorded.

Furthermore, this report reveals that the majority of attacks are concentrated in the afternoon, especially between 7:00 p.m. and 9:00 p.m. This band coincides with the busiest peaks of gaming and e-commerce platforms when bandwidth is most in demand. This is when it must host both legitimate and illegitimate traffic (generated by attacks), at a time when the minimum congestion would affect the quality of service, which is perceived by all users.

The Typology of Attacks Has Evolved

Although in the foreground are well-known attack vectors such as UDP (with 27% of all attacks), SYN Flood (with 21%), and amplification attacks (with 20%), a Further analysis revealed an evolution of the strategy: the attackers preferred to maximize the number of packets per second, by sending packets that were very small or less than 100 bytes in size, rather than saturating the bandwidth.

Besides, attacks targeting the application layer (L7) have increased considerably and the botnets IoT have been restructured, which shows that cybercriminals are trying to take advantage of the vulnerabilities of connected objects to continue obtaining a financial benefit from their attacks. These trends reflect the continuous adaptation of attackers’ techniques, and that is why actors like OVH must continue to invest to maintain the protection of their users at the highest level.

Protect your organization from DDoS Attacks by installing the best total security software.