It has been a tough year or so for everyone, and whilst it is still uncertain how many of us can jet off somewhere, certainly everyone is looking forward to a break over the summer. But before we all slow down, or even close up for a couple of weeks, we need to make sure that we are leaving businesses secure from cyber crime.
Radware’s Quarterly DDoS Attack Report, which provides an overview of DDoS attack activity during the first quarter of 2021, found that attack volumes were up dramatically. So whilst attack numbers were static the attacks are getting bigger!
Major findings in the report include:
- The first half of Q1 was characterized by large attacks on finance and a continuation of the 2020 ransom DDoS campaign
- Due to the pandemic, organizations began relying on remote operations, teleworking and remote access infrastructure meaning DDoS actors found new opportunities and began targeting the backend of the communication infrastructure of organizations
- Public-facing assets or organizations remained an essential target throughout Q1 of 2021, as actors attempted to impact an organization’s reputation or to send a political message
- Total attack volume in Q1 of 2021 increased by 31%
- The largest recorded attack in Q1 of 2021 was 295Gbps, up from 260Gbps in Q4 of 2020. The beginning of the period was characterized by larger volumes and higher amounts of packets, caused mainly by attacks from a second wave of the ransom demands on an initial DDoS campaign
- Healthcare was dominated by biotechnology and pharmaceutical attacks in the first half of Q1 2021, while the activity moved to a smaller number of attacks targeting hospitals in the second half of the quarter
- More than 50% of the attack volume targeted HTTPS and nearly 20% targeted HTTP
- UDP Fragment and UDP Floods accounted for more than 90% of the volume in Q1 of 2021
- More than 85% of attacks were mitigated on-premise in Q1 2021. The 15% attacks mitigated in the cloud represent over 92% of the total volume and almost 84% of the packets
- Several organizations in healthcare, finance and retail demonstrated similar temporal distributions and had consistently higher concentrations of attacks during weekdays across Q4 2020 and Q1 2021. The number of attacks initiated at night is lower than the number of attacks undertaken during office hours and is consistent across time zones
Whilst there are new threats such as double ransomware extortion to deal with, it is clear that DDoS attacks are not diminishing. They merely provide the ‘way in’ for many other types of cyber crime.
Mike Revell, Managing Director at activereach, warns,
“DDoS attacks still pose a serious threat to any online business. To keep up with changing attack types, it is crucial for any companies storing customer information to review their security measures and plan unseen threats. Businesses can be particularly vulnerable during the summer period, with staff away on vacation, a security breach could easily go undetected.”
Conclusion
From all the evidence it is clear that the type and scale of DDoS attacks are constantly evolving. In order to keep the risks to a minimum, new approaches to providing and designing security are necessary. Furthermore, closer partnerships between security vendors, system integrators and the client minimise room for a breach in security.
To understand how your business could be protected against a DDoS attack, please see our pages on DDoS testing and mitigation. Or call activereach on 0845 625 9025 and ask to speak to a Security Consultant.
