Criminals are now selling hacking services online for as little as five dollars, making cyberattacks affordable for anyone. These services, called DDoS-as-a-service platforms, let attackers rent botnets, which are groups of infected computers that can flood websites and knock them offline. Security researchers tracking this trend found that prices have dropped and services have become easier to use.
At the same time, major software companies are struggling to patch security holes faster than hackers can exploit them. Palo Alto Networks discovered that attackers have begun using a flaw in its GlobalProtect VPN software, which companies use to let employees work from home safely. This shows that criminals are finding and weaponizing flaws before fixes reach most users.
Small businesses and government offices are at the highest risk because they often lack security teams to monitor attacks. Individuals working for critical services like hospitals, power plants, and banks could be targeted through these cheaper attack methods. Families using VPN software at home may also become victims if their devices are infected without their knowledge.
Security companies and government agencies are working to shut down these platforms and warn businesses about the flaws. President Trump's administration has been focusing on cyber threats as part of national security planning. Organizations have been urged to update their software immediately and monitor their networks for suspicious activity starting this month.