Skip to main content

blog

Protecting against DDoS attacks requires more than just placing mitigation products

DDoS attacks are on the rise. The COVID-19 pandemic forced our school, work, and social lives to go online. As a result, DDoS attacks grew significantly in 2020, compared to 2019. In fact, there were almost twice as many DDoS attacks in Q1 2020 as there were in Q1 2019. Cisco predicts that the total number of DDoS attacks will double from the 7.9 million seen in 2018 to over 15 million by 2023. In addition, RDDoS (Ransom DDoS), is also correlated with the rise in Bitcoin price, which occurred at the end of 2020 and the beginning of 2021. A large number of organizations received an extortion note and then we attacked with DDoS for not paying them.


The size and length of attacks are evolving
But it’s not just the number of DDoS attacks that matter. The type of attacks and the size of the botnets are also evolving. A Distributed Denial of Service attack of one gigabit per second is enough to knock most organizations off the internet but we’re now seeing peak attack sizes in excess of one terabit per second generated by hundreds of thousands or even millions of suborned devices. The average attack now lasts 24% longer. The maximum attack length has jumped by 264%. The number of DDoS attacks over 100 GB/s in volume increased by 776%.


Modern DDoS attacks are smart using multi-vector attacks more frequently
A growing number of attackers are using multi-vector DDoS attacks, combining different DDoS attack methods into one repetitive attack. An attacker may start with NTP, then switch to a DNS reflection attack, then switch to a SYN Flood, for good measure. Sometimes they layer different vector types and sometimes they just vary the attack vector itself in an attempt to evade detection. Multi-vector attack rates are often additive in terms of bandwidth and packet rate. By dynamically and automatically changing parameters and vectors in response to the cyber-defenses they encounter, cybercriminals make it much more difficult to mitigate, or even detect their attacks, in the first place.
According to Kaspersky labs’ statistics, the trend line of smart attacks is growing from quarter to quarter.


In Q1 2020 only 37.5% of the attacks, were smart.
In Q4 2020 44.29% of the attacks, were smart.
In Q1 2021 46.6% of the attack are smart.
Is it also clear from the data that smart attacks are longer than regular DDoS attacks.