Why so many DDoS attacks these days?

I don't know why there are so many DDoS attacks these days.

How organizations can stay safe from these massive DDoS attacks?

 

My best guess is that if you piss someone off thats tech savvy they could prob source the ability to launch an attack. There are so many compromised / un-patched devices connected to the internet that can be leveraged. You can prob even rent DDoSaaS these days.

 

Because it's a relatively high effect attack for a relatively low cost outlay. You could invest a lot of time and money into more sophisticated and targeted attacks and potentially get nowhere. Or you could buy a few thousand infected machines on a zombie botnet and just take your "opponent" offline for a while, costing them time, money and reputation.

Pay for a commercial service to mitigate the problem. For example:
https://www.cloudflare.com/ddos/

 

DDOS has always existed as an attack vector. That being said i think there has been a rise in found amplification methods in the recent few years that have made it more effective. DNS/NTP/SNMP all have UDP based amplification.

I think we will see more to come in the next few years with IoT and IPv6 coming to the mix.

 

Add to that the fact that consumer Internet connections are now much faster, and more people are connected. That's a double whammy for both the number of available infected hosts, and the bandwidth available per node.

You don't have to wait. IoT devices are now the number one source of botnet activity worldwide. Much easier to control those thanks to shoddy manufacturing/engineering standards and no updates.

http://arstechnica.com/security/201...ws-from-notorious-mirai-infects-3500-devices/

 

the world of IoT has begin now.

 

DDoS ransom attacks have become a pretty big market. Pay us $X or we'll DDoS you. And generally they ask for less than the cost of DDoS protection services, leading to a lot of bad management decisions....

 

Too many hackable internet connected devices like NAS, media players and many other things that owners have no idea have been annexed.

 

Depends on your point of view, I guess. From that of the narrow-minded management, they've gone with the cheaper option, so therefor they've done right by their business. With blinkers on, you can see why people who only think about affairs in their back yard and from a dollar value point of view *think* they've made a good decision.

Bigger picture, of course, it doesn't take much to see that they're perpetuating bad security overall, keeping the financial viability of these sorts of attacks alive, and putting services and data at risk.

But sadly, bad management is everywhere. Good managers listen to qualified technical experts. Bad managers ignore them, and only consider the short term bottom line.