Annual DDoS Threat Intelligence Report highlights emerging trends

Published: Thursday, 26 May 2022 07:00

Corero Network Security has published the latest edition of its annual DDoS Threat Intelligence Report that compiles the trends, observations, predictions, and recommendations based on DDoS attacks against Corero customers during 2021.

The report, now in its 7th year, highlights that DDoS threats continue to grow in sophistication, size, and frequency. Yet 2021 also reveals changes in attacker behaviour since the start of the pandemic including an increase of 297 percent in the use of OpenVPN reflections as a means of DDoS attack.

As the report co-author and Corero CTO, Ashley Stephenson explains, “OpenVPN as a reflection DDoS vector isn’t just bad news for the victim being attacked, it is also a risk for the organization whose OpenVPN infrastructure is being used to launch the attack as their own users will become collateral damage, suffering from a degraded or unusable service that impacts business continuity.”

The report also finds that 97 percent of DDoS attacks were under 10Gbps, as low packet rate attacks continued to grow during 2021. It suggests this may be the result of attackers sending packets to a victim at lower rates to avoid easy detection.

Stephenson adds, “Combined with the 82 percent share of short duration DDoS attacks, the intention is that these stealthier transient attacks will appear as legitimate traffic, bypassing simple security measures and succeeding in choking access to important downstream services or connections.”

Frequency of repeat attacks also grew with a 29 percent increase in organisations who experienced a second attack within a week.

More details.