DDoS traffic capitalizes on remote working connectivity reliance to disrupt service provider targets

In the first quarter of 2020, DDoS attacks rose more than 278% compared to Q1 2019 and more than 542% compared to the last quarter, according to Nexusguard.

Q1 2020 DDoS

Working from home as the new norm

Researchers attribute the sharp rise in incidents to malicious efforts during the COVID-19 pandemic, causing DDoS attacks to interrupt service for large companies and individuals alike. ISPs face increasing challenges to curb undetectable and abnormal traffic before they turn into uncontrollable reflection attacks.

In an effort to curb the spread of COVID-19, working from home has become the new norm and household internet connectivity is more important than ever. This heavy reliance on online services has given rise to a trend of attacks meant to overwhelm ISPs.

Abnormal traffic patterns identified

In addition to traditional DDoS attacks, during Q1 2020 researchers identified various abnormal traffic patterns, including small-sized, short attacks dubbed “invisible killers.” These types of attacks are often overlooked by ISPs, which gives the invisible anomalies access to website and online services networks to cause havoc.

“We believe the small ‘invisible killer’ attacks are not isolated cases, but ongoing trends which can no longer be dismissed at the risk of internet network infrastructure suffering a deluge of attacks,” said Juniman Kasman, CTO for Nexusguard.

“It’s imperative that internet service providers take the initiative to address any suspicious traffic—irrespective of size or quantity—to ensure customers don’t experience outages from DDoS attacks.”

Findings also showed that bits-and-pieces attacks continue to infiltrate traditional threshold-based detection. These attacks result from drip-feeding doses of junk traffic into a large IP pool, which can clog the target when bits and pieces start to accumulate from different IPs.

According to the report, 90% of attacks employed a single-vector approach, which is a change from the popularity of multi-vector attacks in the past.

Don't miss