A resurgence in DDoS Attacks amidst Global COVID-19 lockdowns
Findings of Link11’s Security Operations Center (LSOC) uncovered a 97% increase in the number of attacks for the months of April, May, and June in 2020 when compared with the attacks during the same period in the previous year, with an increment of 108% in May 2020.
The annual report incorporates the data which indicated that the recurrence of DDoS attacks relied upon the day of the week and time, with most attacks concentrated around weekends of the week and evenings.
More attacks were registered on Saturdays, and out of office hours on weekdays.
Marc Wilczek, COO, Link11 says, “The pandemic has forced organizations to accelerate their digital transformation plans, but has also increased the attack surface for hackers and criminals – and they are looking to take full advantage of this opportunity by taking critical systems offline to cause maximum disruption. This ‘new normal’ will continue to represent a major security risk for many companies, and there is still a lot of work to do to secure networks and systems against the volume attacks. Organizations need to invest in security solutions based on automation, AI, and Machine Learning that are designed to tackle multi-vector attacks and networked security mechanisms…”
Key findings from the annual report include:
Multivector attacks on the rise: 52% of attacks consisted of a few strategies for the attack, making them harder to defend against. One attack included at least 14 techniques.
The growing number of reflection amplification vectors:: More usually utilized vectors included DNS, CLDAP, and NTP, while WS Discovery and Apple Remote Control are still being utilized in the wake of being discovered in 2019.
DDoS sources for reflection amplification attacks distributed around the globe: The top three most significant source nations in H1 2020 were the USA, China, and Russia. Be that as it may, the ever-increasing number of attacks have been traced back to France.
The average attack bandwidth remains high: The attack volume of DDoS attacks has balanced out at a relatively elevated level, at an average of 4.1 Gbps. In most attacks, 80% were up to 5 Gbps. The biggest DDoS attack was halted at 406 Gbps.
DDoS attacks from the cloud: At 47%, the percentage of DDoS attacks from the cloud was higher than the entire year 2019 (45%). Instances from every single established provider were ‘misused’, however, the more usual ones were Microsoft Azure, AWS, and Google Cloud.
The longest DDoS attack lasted 1,390 minutes – 23 hours and interval attacks, which are set like little pinpricks and flourish on repetition lasted an average of 13 minutes.