Skip to main content

A Cybersecurity Lesson: Educational Sites Suffer Rise in DDoS Attacks in Q3

November 1, 2018

In the third quarter of 2018, DDoS botnets attacked online resources in 82 countries

Woburn, MA – October 31, 2018 – Today, Kaspersky Lab is announcing the availability of its DDoS Q3 Intelligence Report, which marks a continued trend in cyberattacks aimed at educational organizations, as they’ve opened their doors after a long summer and students are back in school.

Overall, the report shows that DDoS botnets attacked targets in 82 countries in Q3 2018 – up from 74 countries in Q2 2018. China remained first in terms of the number of attacks and the U.S. returned to second after losing its place in the top three to Hong Kong in Q2 2018. However, third place is now occupied by Australia – the first time it has reached such heights since Kaspersky Lab DDoS reports began. 

There are also changes in the top 10 countries with the highest number of active botnet command & control (C&C) servers. As in the previous quarter, the U.S. remained in first place, but Russia moved up to second, while Greece came third.

In addition, Kaspersky Lab experts noticed an overall decline in the number of DDoS attacks this year, which could be due to many bot owners reallocating the computing power of their bots to a more profitable and relatively safe way of making money: cryptocurrency mining. However, despite attackers moving away from DDoS attacks due to less of a financial gain, there is still the risk of DDoS attacks causing disruption to businesses and educational institutions. 

Attackers were most active during Q3 2018 in August and September, proven by the number of DDoS attacks on educational institutions increasing sharply at the start of the academic year. This year, the most prominent attacks hit the websites of one of the UK’s leading universities – the University of Edinburgh – and the U.S. vendor Infinite Campus, which supports the parent portal for numerous public city schools.

The analysis and report from Kaspersky Lab experts also found that the majority of these DDoS attacks were carried out during term time and subsided during the holidays. More or less the same result was obtained by the British organization, Jisc. After collecting data about a series of attacks on universities, the organization determined that the number of attacks fell when students were on holiday. The number of attacks also decreases outside of study hours – with DDoS interference in university resources mainly occurring between the hours of 9 a.m. to 4 p.m. The research suggests that responsibility for the attacks could lie with the students.

“The top priority of any cybercriminal activity is gain,” said Alexey Kiselev, business development manager on the Kaspersky DDoS Protection team. “However, that gain doesn’t necessarily have to be financial. The example of DDoS attacks on universities, schools and testing centers presumably demonstrates attempts by young people to annoy teachers, institutions or other students, or maybe just to postpone a test. This sort of ‘initiative’ shown by students and pupils would be amusing if it didn’t cause real problems for the attacked organizations which, in turn, have to prepare to defend themselves against such attacks.”

Read the full version of the report on Securelist.com.

*The DDoS Intelligence system (part of Kaspersky DDoS Protection) is designed to intercept and analyze commands sent to bots from command and control (C&C) servers, and does not have to wait until user devices are infected or cybercriminal commands are executed in order to gather data. It is important to note that DDoS Intelligence statistics are limited to those botnets that were detected and analyzed by Kaspersky Lab.

About Kaspersky Lab
Kaspersky Lab is a global cybersecurity company, which has been operating in the market for over 20 years. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into next generation security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

Kaspersky Lab Media Contact: 
Denise Berard
781.503.1836
Denise.Berard@kaspersky.com 

A Cybersecurity Lesson: Educational Sites Suffer Rise in DDoS Attacks in Q3

In the third quarter of 2018, DDoS botnets attacked online resources in 82 countries
Kaspersky logo

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help over 200,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

Related Articles Press Releases