Cybercriminals using DDoS as “smokescreen” for other attacks on businesses: Kaspersky

Cybercriminals are sometimes using distributed denial of service (DDoS) attacks as a “smokescreen” to distract businesses while hackers launch other attacks, cybersecurity company Kaspersky Lab said in a recently released survey.

According to the 2016 Kaspersky Lab Corporate IT Security Risks study, more than half (56%) of businesses questioned are confident that DDoS attacks have been used as a smokescreen for other kinds of cybercrime, and of those respondents, a large majority (87%) reported that they had also been the victim of a targeted attack.

The annual survey was conducted by Kaspersky Lab in cooperation with market research company B2B International, Kaspersky said in a press release earlier this week. The 2016 study involved more than 4,000 representatives of small, medium and large businesses from 25 countries on their views on IT security and real incidents encountered.

Kaspersky said in the release that when businesses have suffered from cybercrime, DDoS has often been part of the attack tactics (29%). For example, one in four (26%) businesses that have suffered data loss as a result of a targeted attack named DDoS as one of the contributing vectors.

“DDoS prevents a company from carrying on its normal activities by putting either public or internal services on hold,” explained Kirill Ilganaev, head of DDoS protection with Kaspersky Lab, in the release. “This is obviously a real problem to businesses and it is often ‘all hands on deck’ in the IT team, to try and fix the problem quickly, so the business can carry on as before. DDoS can therefore be used not only as an easy way to stop the activity of a company, but also as a decoy to distract IT staff from another intrusion taking place through other channels.”

The survey also found that when DDoS attacks have been used by cybercriminals as a smokescreen, businesses also faced threats such as losses and exploits through mobile devices (81%), the actions of other organizations (78%), phishing scams (75%) and even the malicious activity of internal staff (75%).

“The research shows us that DDoS attacks are often aligned with other threats,” Ilganaev concluded. “Businesses therefore need to be aware of the full threat landscape, and prepared to deal with multiple types of criminal activity at any time. Failure to do this could increase the collateral damage, on top of already significant losses caused by downtime and the resulting impact on reputation. Businesses need to use a reliable DDoS protection service to reduce the risk of DDoS and help staff concentrate their efforts on protecting the business from any threats that can be hidden as a result.”