甘肃地区联合辟谣平台上线

Cybercriminals are increasingly turning to AI-powered chatbots and automation tools to launch more destructive DDoS attacks, according to findings from Netscout.

A recent analysis, part of a multi-part series on the DDoS-for-hire underground first released in December 2024, revealed a “three-year transformation” in the cybercrime ecosystem driven by automation.

In a follow-up blog, Richard Hummel, NetScout’s director of threat intelligence, explained that automation has already “democratized advanced cyber attacks,” giving malicious actors easier access to powerful, ready-to-use tools.

“The platforms have evolved from basic click-through interfaces into sophisticated, automated systems with API connectivity, built-in reconnaissance, and adaptive attack methods,” Hummel stated.

Now, the integration of AI chatbots marks the next phase in the evolution of DDoS attacks—and many organizations remain unaware of the growing threat.

“The DDoS-for-hire market has already adopted automation at scale,” Hummel emphasized.

“NETSCOUT’s investigations uncovered services that allow automated scheduling of attacks, real-time adjustments to attack parameters, and long-term campaign management with little to no human intervention.”

Modern platforms used by attackers can now execute complex “multi-vector attacks” capable of adjusting in real time to bypass defensive measures, Hummel noted, enabling attackers to launch widespread “carpet-bombing” assaults across entire network segments.

With AI assistants entering the mix, threat actors could elevate their capabilities from merely automated to genuinely intelligent operations.

For instance, instead of needing to understand technical attack vectors or network protocols, users might simply describe their goals in plain language, such as: “I want to take down my competitor’s website during their Black Friday sale,” Hummel illustrated. The AI assistant could then potentially perform reconnaissance, assess vulnerabilities, and plan the attack accordingly.

AI tools may also assist in determining the “optimal timing” for attacks, ensuring they strike when a target is most exposed or under peak operational load.

AI will further lower the barrier to entry for DDoS attacks

Hummel cautioned that the rise of AI assistants in cybercrime will further democratize DDoS-for-hire services, empowering less-skilled hackers to conduct highly effective attacks.

While DDoS-for-hire platforms have already made launching attacks more accessible, integrating conversational AI could “remove the final technical barriers” entirely.

There are already documented cases of cybercriminals leveraging AI tools to enhance their operations. Earlier this year, Abnormal Security reported that attackers were using a chatbot called ‘GhostGPT’ to generate malware code.

Other “Hackbot as a Service” platforms, such as WormGPT, emerged as early as 2023, offering subscription-based AI tools designed to craft phishing emails and support business email compromise (BEC) schemes.

What this means for cybersecurity defenders

The rapid advancement in the DDoS-for-hire space means businesses across industries may soon face a surge in smarter, faster attacks, Hummel warned.

“Enterprises need to understand that legacy DDoS defenses built for predictable, signature-based attacks will be ineffective against AI-driven campaigns,” he wrote.

“AI-powered attacks could dynamically analyze defenses, detect rate limits, imitate normal user traffic, and orchestrate evolving multi-vector assaults faster than human teams can react.”

Given this reality, Hummel stressed that security teams must overhaul their defense strategies—and begin preparing now, even before the first confirmed wave of AI-driven DDoS attacks emerges.

In response, many security teams will likely adopt AI as a countermeasure.

Hummel specifically pointed to machine learning-driven detection and response systems as essential tools, offering the speed and adaptability needed to keep pace with AI-enhanced threats.

Security teams will also need to “rethink incident response protocols” and strengthen collaboration through improved threat intelligence sharing across the cybersecurity community.

“Outdated response playbooks based on human reaction times must be replaced with autonomous systems capable of responding at machine speed,” Hummel concluded.

Be sure to follow php.cn on Google News for ongoing coverage of the latest tech news, security insights, and expert reviews.

The above is the detailed content of Think DDoS attacks are bad now? Wait until hackers start using AI assistants to coordinate attacks, researchers warn. For more information, please follow other related articles on the PHP Chinese website!