Number of DDoS attacks doubles

Link11, Europe's leading IT security provider in cyber resilience, has released its DDoS report for Q1 2021 which revealed the number of DDoS attacks continued to grow.

Between January and March, the Link11 Security Operations Centre (LSOC) recorded more than double the number of attacks than the same period in the previous year. This suggest the already alarming threat level from cybercrime, a pandemic that has been raging since Spring 2020 alongside the fight against COVID-19, has once again intensified.

The key findings from the report are:

• The number of attacks continued to increase: + 128% increase in the number of attacks than Q1 2020 (factor of around 2.3).
• Attack bandwidths remained high: 216 Gbps maximum in attack volume.
• Increasing use of carpet-bombing attacks: Attackers are more and more switching to carpet bombing attacks with small-volume, low-threshold attacks, which remain under the radar of many protection solutions. The hundreds or thousands of small attacks running in parallel can easily add up to a high-volume attack of several tens or hundreds of Gbps and cause an infrastructure to collapse. This is particularly worrisome for hosting and cloud providers.
• Highly dynamic attack tactics: 69% of attacks were multi-vector attacks combining multiple techniques.
• DDoS attackers stick to their target even if they are unsuccessful: 1,489 minutes was the longest attack (>24 h). Without effective protection, long recovery times, which can be twice or three times as long as the actual attack, would still have to be considered.

The attackers increasingly targeted companies that were either in high demand due to the pandemic or had to shift their operations online. These included the healthcare sector, public administrations, educational institutions, logistics companies, online retail, media and entertainment companies. However, data centre operators, who play a significant role in the digitisation of companies, were also under heavy fire. Almost every second DDoS attack (47%) targeted hosting providers and ISPs.

According to analysis by the LSOC, the threat situation is not expected to weaken in the coming months. However, the increasing number of attacks and new techniques suggest the quality and quantity will remain high.

Accelerated digitalisation in the economy and society offers growing attack surfaces and lets cybercrime boom. Marc Wilczek, Managing Director of Link11 said: "The exponential boom in cybercrime will outlast the pandemic. In a post-COVID era, companies and organisations must adapt to a permanently changed threat environment. Against this backdrop, they need to reassess the risks of failure for their networked business and production processes."