DDoS attacks reached a record high in 2020 and became increasingly complex
- Published: Wednesday, 24 March 2021 10:48
Link11 has released findings from its DDoS Report for 2020, which reveal that DDoS attacks reached a record high during the pandemic as cybercriminals launched new and increasingly complex attacks.
Key findings from analysis for the report, which was carried out by the Link11 Security Operations Center (LSOC) in combination with OSINT, include:
- Boom in attacks: from February to September 2020, the number of DDoS attacks nearly doubled and was on average 98 percent higher than in the same period in 2019. It Is estimated that there were 50 million DDoS attacks worldwide over twelve months.
- Increased attack volumes: high-volume attacks of over 50 Gpbs became a problem for inadequately protected businesses.
- Complex attacks: 59 percent of incidents used so-called multi-vector attacks, which are harder to prevent and defend against.
- New attack techniques: numerous new DDoS vectors were detected; in particular, DVR DHCPDiscovery, Plex Media Server, and Citrix Netscaler stood out.
- High attack frequency: attackers increasingly relied on short, repetitive attacks lasting for hours and days.
- The longest DDoS attack was 5,698 minutes equating to four full days of continuous bombardment.
As the attack surfaces for companies have increased in size and complexity due to the digital transformation triggered by the pandemic, DDoS attackers have adapted to these trends. In addition to VPNs and APIs, attackers also focused on CRMs, databases, and email and web servers, which attacks extending across all layers.
The 2020 DDoS report revealed that cybercriminals began ramping up their DDoS extortion efforts in the second half of the year. Extortionists posing as Fancy Bear, Cozy Bear, Armada Collective, and Lazarus Group mainly targeted operators of critical infrastructure and providers of financial services, eCommerce, and hosting services. Often using large-volume warning attacks of over 50 Gbps, the extortionists pressured companies to pay ransoms ranging from five to 15 Bitcoins.
The report also suggests that DDoS attacks will continue to be prevalent through 2021. Digital corporate IT, cloud services and APIs will continue to experience heavy DDoS fire and companies should include the threat of DDoS extortion in their risk assessments.