DDoS Attacks: 3 Common Motivations


Dan Ennis CEO

Modern distributed denial-of-service (DDoS) attackers are leveraging the convenience of the cloud to access the computing power required to execute “mega” DDoS attacks. The consequence of a DDoS attack on a business can be far reaching and directly contributes to significant revenue loss, customer data breaches and damage to brand reputation.

However, many businesses today still believe that “it will never happen to me” and often do the bare minimum to protect their web systems and applications from such attacks. Understanding the motivation behind a DDoS attack can be helpful in determining the risk to your business as DDoS attacks become a growing problem in frequency and size.


  • Financial motivations: The most prevalent motivation behind an attack is financial gain. Cybercriminals are able to ransom or extort businesses with unprotected web systems and applications who want to avoid being attacked or wish to stop an attack. Often requesting hard to acquire bitcoins as payment with the ransom being increased by the day if a business can’t pay. This can lead to hours, if not days of downtime of e-commerce and other business critical applications.


  • Non-financial motivations: Of the many non-financial reasons a cybercriminal might launch an attack the most common include a protest or “hacktivism” against a business practice or organizations whose ideologies differ from theirs. For example, groups such as Anonymous have been known to attack businesses who have been affiliated with political candidates, have been deemed to be controlling the internet and even medical organizations for what they feel is questionable medical care of minors.


  • Cover for targeted attacks: Another motivation that we are seeing more frequently is that a DDoS attack is used as cover for other more sophisticated targeted attacks. According to a Computer Weekly article published in October 2016, “The majority of DDoS attacks (53%) resulted in additional compromise, including viruses (46%), ransomeware (15%) and other malware (37%).” This same report found that 21% of these attacks resulted in customer data theft.


These top three motivations, along with a variety of other reasons, could be what brings down virtually any business, of any size, as it becomes easier for cyber criminals to access resources to launch a volumetric DDoS attack.

How to protect your business

Even as more businesses are turning to DDoS mitigation products and services, many are finding that conventional methods of inspecting all incoming traffic and relying on filtering or traffic anomaly detection cannot match the scale or sophistication of today’s DDoS attackers.

The Cloud-DMZ web security architecture takes a completely different approach to DDoS mitigation by processing web systems to first understand that application and how users access information, and then creating an agile replica of the original site to respond instantly to requests and eliminating the need for back-end processing. This secure replica is deployed in the cloud and can easily scale when a volumetric attack grows. As a result, Cloud-DMZ can easily contain any level of DDoS attack without impacting user experience and with virtually no attention from internal IT or security teams.

To learn more about Cloud-DMZ and DDoS mitigation click here.