DDoS attacks are on the rise at a time of the year that’s usually a lot less uneventful, according to a report from Nexusguard that reveals a 278% increase in DDoS attacks compared to Q1 2019.
Distributed denial-of-service (DDoS) attacks are just another threat that cybersecurity has to deal with daily. It’s no longer something that might happen only to companies with a prominent enough profile to warrant attackers’ attention.
Usually, the first quarter of the year is not all that busy in terms of DDoS attacks, but the COVID-19 pandemic modified the landscape. Instead of a slowdown in the frequency and scope of the attacks, we saw a massive increase.
On a year-over-year comparison with Q1 2019, there’s a 278.17% increase. Compared to Q4 2019, that increase jumps to 542.46%. As for the attack size, the numbers don’t get any higher. The biggest attack registered 176.29 Gbps, a 21.25% increase from Q1 2019, and the average sits at 1.385 Gbps, a 68.20% increase since Q1 2019.
DDoS attacks are becoming more sophisticated, and criminals no longer want just to cripple a website or an online service. They are deploying smaller attacks that might not trigger protections at the ISP level, but which are powerful enough for other purposes.
“The attacks are characterized in the size range of 1Gbps and 5Gbps which from our experience often last less than 15 mins and create less than 200 events per day,” says the Nexusguard report.
“We dub this proportion of attacks an ‘invisible killer’. Due to the lack of size concentration and being overlooked as insignificant relative to overall traffic, it normalizes historical traffic behaviour and gives the invisible killer access to the networks of websites and onlines services to cause havoc,” it continues.
Another interesting aspect is related to the type of attack vectors, which are overwhelmingly skewed in one direction. UDP attacks increased by 10,438 in just one quarter, making it the most used method. But CLDAP Reflection attacks are also becoming more popular, registering a 2,572% increase since Q4 2019 and 3,390% since Q1 2019.
The fragmentation of DDoS traffic to cover smaller types of attacks seems to be the main direction, and it’s likely to see an increase in patterns that don’t trigger ISP defenses.