Most DDoS attacks launched in response to disputes over business or gaming - FBI

The majority of distributed denial-of-service (DDoS) attacks are launched in response to disputes over business or gaming, according to federal officials investigating the incidents.

DDoS attacks occur when someone makes a service or tool unavailable by overloading it with requests.

According to Recorded Future News, the vast majority of media coverage of DDoS attacks in recent years has centered on groups connected to or supporting nation-states – namely Russia – that launch them against the websites of rival governments.

Most DDoS services examined by the FBI look like legitimate services, offering cheap plans – some of which offer 1,000 seconds of attack on one target at a time for just $20. Most of the services delineate their offerings based on length of attack, number of victims and price.

Most of the sites take payment through PayPal or accept cryptocurrency. The platforms offer customers ways to test their attacks and some even provide ways for users to find their targets’ IP address through a variety of other identifiers.

The two noted that in January 2022, several U.S. agencies and international partners joined forces to address the issue of DDoS attacks. They held a meeting with internet service providers, large tech companies and researchers to hear about their experiences tracking and stopping DDoS attacks.

One thing many participants reiterated was that the DDoS ecosystem was mostly populated with people who were not rich cybercriminals.

Most DDoS attacks were part of petty disputes between children or attempts by businesses to siphon customers

FBI special agent Elliott Peterson

FBI has convicted 33-year-old Illinois native Matthew Gatrel, who was sentenced to two years in federal prison last year after being convicted of running a service that helped people launch more than 200,000 DDoS attacks.

The number one source and motivation for DDoS attacks is people seeking to gain a competitive advantage in gaming, noting that businesses in Africa and Asia also target each other with this brand of attack.

There are countries in which you see extensive use of DDoS aspiring to shut down a competing business and draw their customers to the person launching the attack.

So that can be a good attack motivation. We also see retaliation attacks by businesses.

While they acknowledge that there had been a significant increase in geopolitically-tinged DDoS attacks in 2021 and 2022, their investigation into Gatrel and others running DDoS-for-hire services revealed that most simply wanted a leg-up during gaming sessions.

One key factor they found was that most DDoS attacks take place during the holiday season.

Historically and sort of sociologically, it has been one of the most massive DDoS periods. This is related to factors like kids are home from school or home for holiday break. They have extra time. They may get game consoles for Christmas or Hanukkah or Kwanzaa and they may get new games and want to try them out.

Nataly Kramer   by Nataly Kramer