Why would we get attacked? An analysis of attacker’s aims behind DDoS attacks
Reliable availability to the internet and internet-based services is crucial in today’s world. DDoS attacks pose a severe threat to the availability of such online resources – especially owing to booters – virtually everyone can execute them nowadays. In order to appropriately protect oneself against such attacks, it is essential to have a good insight into the threats that exist. This paper proposes a novel hybrid model that combines postulates from various models on crime opportunity, analyzing the targeted victim and the targeted infrastructure in conjunction. We apply this model to analyze 27 distinct attack events that occurred in 2016. To construct this dataset, we utilize a longitudinal news database specific to DDoS-related events, aiding to select relevant attack events. We outline the procedure to replicate the dataset construction process. Looking at DDoS attacks solely as a technical issue is not enough, news articles can be an important resource in providing contextual relevance to this problem. Our analysis reveals several motives underlying DDoS attacks; economic reasons are but one of the possible aims. For this reason, we advise companies to also monitor the socio-cultural and political environment. In terms of infrastructure, visibility and accessibility are the main instigators for an attack. A holistic perspective is imperative to accurately map the threats that companies face and to take appropriate protective measures.