World-class security researchers at NETSCOUT have evaluated a number of DDoS-for-hire services. Credit: NETSCOUT If you partake in fairly current movies, television shows, games, and books, it’s likely you’ve seen (and maybe even believed?) the stereotypes often associated with threat actors. They’re often portrayed as antisocial/awkward geniuses (think “Mr. Robot” and “The Girl with the Dragon Tattoo”), super-sleuth law enforcement types (think “Untraceable”), and even groups formed to take down/assist government organizations (think “Homeland” and “24”).And although those entertainment options sometimes provide interesting, enjoyable or ridiculous narratives, the reality is that cyberattacks can be launched with much less effort via underground DDoS-for-hire services.In fact, many such services now allow people to test distributed denial-of-service (DDoS) attack vectors before increasing attack potency via some form of digital or cryptocurrency. Attacks can be waged against layers three, four, and seven, and they can be aimed at specific applications, games, and even methods for bypassing standard anti-DDoS measures.NETSCOUT’s ATLAS Security Engineering & Response Team (ASERT), a group of world-class security researchers and analysts, researched the activities of 19 such services that collectively claim to have successfully launched more than 10 million DDoS attacks.What’s for Sale?DDoS-for-hire platforms and botnets are being used to launch a plethora of ‘services’ – ranging from free tests to multivector attacks. ASERT evaluated the kinds of attacks being launched to better understand the platforms used, their capabilities, the purported number of users, and the costs to launch attacks. Although some of these services have static pricing models, many allow for custom configurations based on duration, concurrent tests, and power, which is viewed as bandwidth and throughput. The costs for such services range dramatically. On one end of the spectrum, there are free tests. At the other end, there are full attacks for as much as $6,500.As detailed in the 1H 2021 Threat Intelligence Report, we described how some of these services offer ‘blacklists’ or delisting services to prevent attacks against subscribers. One example of this can be found on Booter.sx[LGS9] [SG10] , where adversaries offer a temporary or permanent option for delisting IPs. Not surprisingly, there is no guarantee that purchasing such a ‘service’ prevents an attack. Nearly every DDoS-for-hire service offers some form of free DDoS attack capability. Indeed, just these 19 platforms proffer more than 200 different attack types, with a range of costs. Despite the incredible diversity of these platforms, most attack types can be mitigated using standard defensive practices.Learn more about the attack options made possible via DDoS-for-hire services, and the ways you can protect against them, in the 2H 2021 Threat Intelligence Report. Related content brandpost Sponsored by Netscout How to Avoid Getting Crushed Under a Tidal Wave of Traffic Systems with resilience, scale, and a multilayered defense can stop multipurpose application-layer DDoS attacks. By NETSCOUT Mar 09, 2023 4 mins DDoS brandpost Sponsored by Netscout Is Your XDR Strategy Incomplete? Why you can’t have XDR without NDR. By NETSCOUT Mar 07, 2023 5 mins Security brandpost Sponsored by Netscout How 3 Tools Can Revitalize Your Security Strategy Focus on visibility to improve your security posture. By NETSCOUT Mar 07, 2023 4 mins Security brandpost Sponsored by Netscout Protecting the Edge Is More Important Than Ever NETSCOUT’s Omnis Arbor Edge Defense Earns Security Today’s 2022 CyberSecured Award By NETSCOUT Mar 07, 2023 2 mins DDoS PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe