Number of DDoS attacks doubled in the first quarter of 2021
While most of the world is slowly recovering from the COVID-19 pandemic, we might already be facing a new one. This one, however, threatens our online security, safety, and financial stability.
Ever since the coronavirus outbreak, when pretty much every business was forced to adapt and switch to remote work, the number of cyberattacks, targeting businesses, and IT infrastructures has been exponentially growing.
In 2020 alone hacking activity has increased by a whopping 600%.
But even though the pandemic is slowly being dealt with, the number of cyberthreats is still growing.
Link11 – one of Europe’s leading cybersecurity providers – reported that the number of DDoS attacks in the first quarter of 2021 had already doubled compared to Q1 of 2020.
Main hacking trends
The last two years have seen an increase in hacking and malicious online activities across the board. Phishing and spear-phishing scams have jumped from 12% to 60% throughout 2020.
Malware use increased by 358% in 2020. Ransomware attacks have turned into the biggest threat businesses are facing today with an increase of 435% as compared to 2019.
But amidst all of this cyber-chaos, DDoS attacks still remain the main threat to businesses, infrastructures, and individuals alike. In 2020 DDoS activity has grown by 542% quarter-over-quarter. And despite numerous projections, these numbers have continued to grow in the first quarter of 2021.
According to the report by Link11, the first quarter of 2021 has seen an increase of 128% in DDoS attacks as compared to the same period in 2020.
Along with the general increase in numbers, DDoS attacks have also started shifting their tactics. This speaks to cyberthreats growing in sophistication and presenting an increasingly formidable challenge to businesses, governments, organizations, and individuals alike.
These are some of the general trends that we anticipate will become an increasingly prominent threat in the post-COVID era.
DDoS attacks are evolving
Even though there are numerous ways cybercriminals can hurt you or your business, DDoS attacks remain one of their go-to tactics. And the steady increase in DDoS attacks quarter-over-quarter definitely supports this trend.
However, even though DDoS attacks are still a trusty tool in the attackers’ toolshed, their use may be shifting to ways we are still not aware of.
Today DDoS attacks may no longer be a means to take down a service. Some speculate that DDoSing is used to draw attention away from other attack tactics, drain the company’s resources, or poke the infrastructure for possible vulnerabilities.
Bit-and-Piece attacks are on the rise
Even though DDoS attack bandwidths remain high and continue to grow, cybersecurity experts see more danger in smaller scale, bit-and-piece DDoS attacks.
According to Nexusguard, bit-and-piece type attacks as small as 30 Mbps have seen a 570% increase throughout 2020.
These attacks inject malicious traffic into regular one and are much harder to detect, identify, and protect against. For now, cybercriminals mostly use this method to target CSP and ISP providers.
The only remedy for this, as it seems, is switching to machine-learning-based threat detection. This could help identify malicious patterns as early as possible.
The attacks are becoming much more dynamic
Hackers are getting smarter and much more creative.
According to various cybersecurity reports, most of the DDoS attacks of 2020-2021 are no longer single-vector. In fact, 69% of all attacks employ multi-vector techniques. This allows the attackers to scan the systems for vulnerabilities and increase their general success rate.
While there are effective means to protect a system against single-vector attacks, the new techniques can pose a serious problem.
DDoS attacks are becoming more persistent
The latest DDoS attacks tend to stick to their targets even if they are unsuccessful. The longest recorded attack to date lasted over 24 hours, and it happened this year.
The general increase in DDoS time could mean a whole number of things. Some of the most common cybersecurity speculations are:
- The DDoS attack sticks to its target with the aim to be successful over time.
- They increase recovery times, which can be twice or even three times as long as the attack itself.
- This trend could indicate that DDoS attacks as a hired service are becoming much more common. Attacks simply run on autopilot for however long they were paid for.
- The long-term, high-bandwidth DDoS attacks might be used to draw the companies’ attention and resources from other means of intrusion.
No one is safe
Even though you hear about huge companies taken down by hacks, DDoS, and ransomware attacks (most recently JBS, Colonial Pipeline, and McDonald’s), those are not the primary target of cyberattacks. Those are simply the biggest hack-success stories that made it on the news.
In the last two years, DDoS attacks were mostly targeting companies that were in high demand amidst the pandemic. This includes healthcare, education, government institutions, as well as companies that have heavily switched to a mostly digital model of work (logistic, retail, media and entertainment companies).
47% of all DDoS attacks have actually been targeting ISPs, hosting providers, and data center operators, with the aim to take down entire IT infrastructures and maximize the damage.
However, despite these statistics, the targets that suffer most from DDoS attacks are small- to medium-scale businesses that had to digitize. Unlike the bigger targets, they do not have the means to protect themselves against increasingly sophisticated attacks.
Sure, the kickback from taking down small businesses might be much smaller. But the attackers don’t have to use as many resources or as much effort to take them down.
A real pandemic births to a digital one
While some experts remain optimistic, saying that the cyberthreat level will probably weaken in the coming months, others see the steady growth of DDoS attacks, the increase in their sophistication, and the new attack techniques and tactics they employ as signs of a completely new age in cybercrime. One that will outlive the COVID pandemic and become the new norm for the digital world.
This new digital reality will force companies to adapt and create new means of protecting themselves. Otherwise, we’re all be lambs to the cyber-slaughter.