341% Surge in DDoS Attacks During the Epidemic


The epidemic resulted in a 341 percent spike year-over-year in distributed denial of services (DDoS) attacks as per Nexusguard's Annual Threat Report 2020, which is targeting sectors that provided connection, services, and entertainment to populated populations that were compelled for shelter. 

The enormous change in online behavior and dependence on connectivity has stretched communications service providers (CSPs) and ISPs that have supplied the backbone for such remote operation, including DDoS (RDDoS) ransom attacks on the extorted payment companies in exchange for being online. 

Juniman Kasman, CTO for Nexusguard said, “During 2020, the pandemic forced a complete shift in how the world lived and worked, and attackers were ready to take full advantage of the situation, adeptly targeting connectivity and entertainment providers.” 

With lockdown and worldwide social distancing measures, online gaming and Internet dependency have flourished in 2020, which have also been tempting targets for attackers. Attack motivations include economic and political gains, retaliation, cyberwar, and even personal pleasure. 

Analysts expect the RDDoS attacks to grow by 30 percent over the next year, particularly because of cryptocurrencies' prominence. In contrast, smaller attacks (less than 10 Gbps in size) will contribute shortly to 99% of all DDoS attacks, as they remain hard to detect and cost-effective to deploy. 

“With attackers using stealthier, smaller attacks increasing in complexity, CSPs and enterprises will need deep learning, multidimensional DDoS detection, and other advanced techniques to avoid outages,” Kasman added.  

The research has explicated that CSPs – and in particular ISPs – continue to be affected by sophisticated bit-and-piece attacks that drip trash through a huge IP pool. 301 of the CSPs were struck by bit-and-piece attacks in 23 countries in the year 2020. 

Researchers warn that the newer evasive DDoS attacks will lead to catastrophic disruptions from CSPs and other businesses which rely on thresholds and symbolic detection methods.

A denial of service attack is a cyber-attack, wherein the attacker aims to disrupt the operations of a host connected to the Internet temporarily or permanently, by making a computer or network resource unavailable to its intended users.