DDoS attackers stick to their target even if they are unsuccessful

Link11 has released its DDoS report for Q1 2021 which revealed the number of DDoS attacks continued to grow.

DDoS attackers target

Between January and March, more than double the number of attacks than the same period in the previous year were recorded. This suggest the already alarming threat level from cybercrime, a pandemic that has been raging since Spring 2020 alongside the fight against COVID-19, has once again intensified.

DDoS attackers stick to their target

  • The number of attacks continued to increase: 128% increase in the number of attacks than Q1 2020 (factor of around 2.3).
  • Attack bandwidths remained high: 216 Gbps maximum in attack volume.
  • Increasing use of carpet-bombing attacks: Attackers are more and more switching to carpet bombing attacks with small-volume, low-threshold attacks, which remain under the radar of many protection solutions. The hundreds or thousands of small attacks running in parallel can easily add up to a high-volume attack of several tens or hundreds of Gbps and cause an infrastructure to collapse. This is particularly worrisome for hosting and cloud providers.
  • Highly dynamic attack tactics: 69% of attacks were multi-vector attacks combining multiple techniques.
  • DDoS attackers stick to their target even if they are unsuccessful: 1489 minutes was the longest attack (>24 h). Without effective protection, long recovery times, which can be twice or three times as long as the actual attack, would still have to be considered.

DDoS attackers increasingly target companies that were either in high demand due to the pandemic or had to shift their operations online. These include the healthcare sector, public administrations, educational institutions, logistics companies, online retail, media and entertainment companies.

However, data centre operators, who play a significant role in the digitization of companies, are also under heavy fire. Almost every second DDoS attack (47%) targets hosting providers and ISPs.

The threat situation not expected to weaken

The threat situation is not expected to weaken in the coming months. However, the increasing number of attacks and new techniques suggest the quality and quantity will remain high.

Accelerated digitalization in the economy and society offers growing attack surfaces and lets cybercrime boom.

Marc Wilczek, Managing Director of Link11 said: “The exponential boom in cybercrime will outlast the pandemic. In a post-COVID era, companies and organizations must adapt to a permanently changed threat environment. Against this backdrop, they need to reassess the risks of failure for their networked business and production processes.”

Don't miss