DDoS attacks can have various motivations, from hobbyist hackers playing around to cybercriminals carrying out extortion rackets. DDoS attacks are fast becoming the most common type of cyberattack, growing rapidly in volume and number across 2017 and don’t look to slow down any time soon.
Motivation has shifted from the early days of DDoS attacks, which tended to be led more by hobbyist hackers acting out of curiosity than the types of DDoS attacks that are more prevalent today, which have a more specific intent.
The notorious 15-year-old hacker “Mafiaboy”, for instance, launched a DDoS attack against CNN.com purely because a fellow hacker had encouraged him to do it. “The sense of power I felt was overwhelming,” he wrote later of the attack which slowed down CNN.com’s news operations for around two hours. “It was also addictive”.
Types of motivation include:
Extortion – Cybercriminals use DDoS attacks, or the threat of a crippling DDoS, to extort money from their targets. Example: “The Lizard Squad” sending businesses extortion letter, demanding bitcoin payment to prevent a DDOS or other attack against their applications.
Nation State Attacks – These are rarely publicly announced, but frequently nation states authorize DDoS attacks against elements within their own countries (such as opposition websites) or against an enemy country’s infrastructure. Example: encrypted email provider “ProtonMail” was taken down in November 2015 by a serious DDoS attack which the Swiss company attributed to a state actor who wanted to adversely impact the secure communications service it offers for journalists and activists.
Business Rivalry – Businesses who want to take down a rival business launch DDoS attacks to damage their reputations, slow down business and question trust. In May 2017, Kaspersky Lab and B2B International found that victims of DDoS attacks are more likely to blame business rivals than cybercriminals.
Ideology – “Hacktivists” use DDoS attacks to target websites they disagree with on an ideological basis. Example: Probably the most famous hactivist collective is Anonymous. They claimed responsibility for a DDoS attack on the official website of Charlottesville, Virginia, following the incident in which many civil rights protestors were hit during a White Supremacist rally in August 2017.
Fun – “Script kiddies” can launch DDoS attacks against target websites, particularly small sites, through the simple purchase of a DDoS toolkit. These kinds of attack are increasingly common. Example: It was thought that script kiddies were behind the DDoS attack against DNS provider DYN in October 2016.
Intellectual Curiosity – “Hobby hackers” tend to be more advanced perpetrators of DDoS attacks, who write their own scripts and launch DDoS attacks for an adrenaline rush or to test out their own programming skills. They can be “black hat” hackers or “white hat” hackers, or fall somewhere in between. Example: the aforementioned Mafiaboy.