Record-breaking numbers of DDoS attacks in first half of 2020
Cybercriminals have launched a record number attacks on online platforms and services this year, with more than 929,000 DDoS attacks occurring in May, the single largest number of attacks ever seen in a month.
The latest threat intelligence report from NETSCOUT also reveals that 4.83 million DDoS attacks occurred in the first half of 2020, a 15 percent increase, and attack frequency jumped 25 percent during the peak pandemic lockdown months of March through June.
The average attack duration dropped 51 percent from the same period last year. Also, single-vector attacks fell 43 percent while attack throughput increased 31 percent, topping out at 407 Mpps (million packets per second). This increase in attack complexity and speed, coupled with the decrease in duration, means security teams have less time to defend their organisations from increasingly sophisticated attacks.
"The first half of 2020 witnessed a radical change in DDoS attack methodology to shorter, faster, harder-hitting complex multi-vector attacks that we expect to continue," says Richard Hummel, threat intelligence lead at NETSCOUT. "Adversaries increased attacks against online platforms and services crucial in an increasingly digital world, such as e-commerce, education, financial services, and healthcare. No matter the target, adversary, or tactic used, it remains imperative that defenders and security professionals remain vigilant in these challenging days to protect the critical infrastructure that connects and enables the modern world."
To understand the impact that DDoS attacks have on global Internet traffic, NETSCOUT's ATLAS Security Engineering and Response Team (ASERT) has developed a DDoS Attack Coefficient (DAC). This represents the amount of DDoS attack traffic traversing the internet in a given region or country during any one-minute period. If no traffic can be attributed to DDoS, the amount would be zero. DAC identified top regional throughput of 877 Mpps in the Asia Pacific region, and top bandwidth of 2.8 Tbps in EMEA. Since cybercriminals don't pay for bandwidth this demonstrates the DDoS tax cost that every internet-connected organisation and individual pays.
The full report is available from the NETSCOUT site.