DDoS or Distributed Denial of Services attack is a situation wherein thousands of unique IP addresses ‘crowd’ the entry to a particular network, leading to a disruption in their normal operation. Dark DDoS attack refers to a situation where DDoS Attacks are used as a distraction to the target’s IP team while sensitive data is being extracted from the servers. This distraction technique has been heavily successful in the past and is expected to grow exponentially in the current year.

The recent Trends and Analysis report by the Corero Network Security, a firm dedicated to providing the First Line of Defense security solutions against DDoS attacks, has predicted that there would be an unprecedented rise in the Dark DDoS attacks this year. This will lead to an increase in the ransom demands up to 30%.

The beginning

A Dark DDoS Attack was first reported in the public domain during the Carphone Warehouse attack in August. After this attack, it was publicly accepted that such attacks are a threat to any internet-connected business keeping personal and sensitive data of the customers which include their identifiable information and information relating to their credit card details.

The COO at Corero, Mr. David Larson, says that the traditional approach usually adopted for DDoS attacks simply fails in case of a sophisticated attack such as Dark DDoS. For preventing such attacks, it is a must that an always-on and inline DDoS mitigation solution capable of removing the threat and providing real-time visibility be employed.

Bitcoin ransom demands

A sharp increase in hackers targeting customers with Bitcoin ransom demands had been recorded last year. The hackers were adamant and threatened to take down the website unless their demands were fulfilled. Around 10% of the Corero’s customers faced extortion attempts in October last year. A quick calculation would tell you that at the present rate of 32% per quarter, the volume of such demands would triple to up to 30% by the same time in 2016.

Use of automated DDoS tools

Automated DDoS attack tools deploy a series of techniques until the target’s internet service is denied. The attackers, first, use techniques such as a DNS flood and upon an unsuccessful attempt, it automatically initiates the UDP flood. This keeps on continuing till until they get into the server of the target. The Corero’s Security Operations Centre has witnessed a surge in the automatic DDoS tools being deployed for carrying out such attacks.

Role of ISPs in mitigating such attacks

Expectations are that there will be an increase in the role of ISPs in mitigating such Dark DDoS attacks. According to the survey by Corero, 76% if the enterprise customers want their ISP to step in to prevent entrance of DDoS traffic onto their network. Further, more than 50% of the customers are willing to shell out 5-10% for the premium service for eliminating such attacks. Dave Larson says that this situation provides a perfect opportunity for ISPs to turn it into a business opportunity. Proving DDoS mitigation can weed out the problem even before it enters into the target’s network.


The present era is the knowledge era where a single incidence of such attacks could potentially damage your business and reputation for a lifetime. Thus, it is high time that the customers, as well as the ISPs, join hand together to mitigate such DDoS attacks. The ISPs can cash this situation by providing DDoS mitigating tools, while at the consumer end, proper techniques should be deployed to prevent any such attacks. Whatever happens, one thing is for sure that 2016 isn’t going to be an easy year.