During the pandemic, cyber attackers targeted industries providing connectivity, services and entertainment to populations forced to shelter-in-place, resulting in a 341% year-over-year increase in distributed denial-of-service (DDoS) attacks, according to Nexusguard.
The massive shift in online behavior and reliance on connectivity strained communications service providers (CSPs) and internet service providers (ISPs) that provided the backbone for this remote work, including spikes in ransom DDoS (RDDoS) attacks to extort organizations for payment in exchange for staying online.
With lockdown and social distancing measures enforced across the world, 2020 saw an explosion in online gaming and dependence on the internet, which were attractive targets for attackers. Motivations for the attacks ranged from financial gains, political and economic benefits, revenge, cyberwarfare to even personal enjoyment.
Popularity of cryptocurrencies fueling RDDoS attacks
Analysts predict that RDDoS attacks will increase 30% in the upcoming year, especially given the popularity of cryptocurrencies. Additionally, smaller attacks (less than 10 Gbps in size) will account for 99% of all DDoS attacks in the near future, since they’ll continue to be difficult to detect and economical to deploy.
“During 2020, the pandemic forced a complete shift in how the world lived and worked, and attackers were ready to take full advantage of the situation, adeptly targeting connectivity and entertainment providers,” said Juniman Kasman, CTO for Nexusguard.
“With attackers using stealthier, smaller attacks increasing in complexity, CSPs and enterprises will need deep learning, multidimensional DDoS detection and other advanced techniques to avoid outages.”
According to the research, CSPs—especially ISPs—continue to be impacted by stealthy bit-and-piece attacks, which drip-feed junk traffic across a large IP pool. In 2020, 301 of these CSPs were hit by bit-and-piece attacks across 23 countries.
Researchers caution that CSPs and other organizations that rely on threshold and signature-based detection methods will experience severe outages from newer, evasive DDoS attacks.