Security News > 2023 > April > DDoS attacks shifting to VPS infrastructure for increased power
Hyper-volumetric DDoS attacks in the first quarter of 2023 have shifted from relying on compromised IoT devices to leveraging breached Virtual Private Servers.
In general, Cloudflare reports steady DDoS activity in the first quarter of the year, with a notable 60% YoY increase in the ransom DDoS attacks, representing 16% of all recorded/reported DDoS attacks.
These extortion-based DDoS attacks cause service outages to the target by bombarding them with garbage traffic and continue indefinitely until the victim meets the attacker's demands.
In terms of the size and duration of the attacks, most of them lasted for under 10 minutes, while 91% did not exceed 500 Mbps. However, the number of larger attacks is still growing, with attacks surpassing 100 Gbps, recording a rise of about 6.5% compared to the previous quarter.
DDoS attacks can manifest in many ways, and as defenses evolve to address them, attackers may devise new methods or return to old tactics that newer protection systems may not prioritize anymore.
958% QoQ rise in DNS amplification DDoS attacks, where the attackers exploit DNS infrastructure flaws to generate large amounts of traffic.