Among the trends observed in the Verisign Distributed Denial ofService Trends Report for Q1 2015 is that the frequency of attacks against financial services and publicsector customers increased to represent 18% of mitigations.

Verisign attributes the uptick in attacks toward financial services and public sectorindustries to the increased employment of DDoS attacks as part ofpolitical activism, or hacktivism, against financial services firmsand various international governing organizations.

“Since the early days of the Internet, malicious actors haveused DDoS attacks as tools of protest, financial gain, retaliationand simple mischief,” the Verisign report stated. “A look into thevarious reasons why these actors use this increasingly effectiveform of online attacks can help victims and security professionalsbetter understand, anticipate and prepare for these increasinglyaccessible and disruptive threats.”

Other key findings for the period starting Jan. 1, 2015 andending March 31, 2015 included: More attacks took place in Q1 2015than in any quarter in 2014, including 7% more than in Q4 2014; andmore than half of all attacks peaked at more than one gigabit persecond (Gbps), 34% of attacks peaked between one and five Gbps, andnearly 10% of attacks peaked at more than 10 Gbps. Volumetric DDoSattack sizes peaked at 54 Gbps/18 million packets per second (Mpps)for User Datagram Protocol (UDP) floods and 8 Gbps/22 Mpps forTransmission Control Protocol (TCP)-based attacks. ITServices/Cloud/SaaS was the most frequently targeted industry inQ1, representing more than one third of all mitigationactivity.

Verisign also believes that these attacks may be in reaction tovarious well-publicized events throughout the quarter, includingthe Charlie Hebdo terrorist attacks in Paris, France, and protestsin Venezuela, Saudi Arabia and the United States.

The Verisign report noted that criminally minded attackers canuse DDoS attacks as an effective smokescreen to launch other typesof intrusions into networks, often with financial goals in mind.While intrusion-response teams focus on DDoS mitigation, attackershave a greater chance of evading notice while conducting data andfinancial theft, including fraudulent wire transfers fromvictimized accounts.

A 2012 joint statement from the FBI, the Financial ServicesInformation Sharing and Analysis Center (FS-ISAC) and the InternetCrime Complaint Center (IC3) noted the then-new trend of using DDoSattacks as a diversion, and identified malware dubbed “DirtJumper”as one of the tools of choice for the attackers. The jointstatement warned financial institutions described DirtJumper as “acommercial crimeware kit that can be bought and sold on criminalforums for approximately $200.”