The number of DDoS attacks dropped 13 percent in 2021 compared to 2020, but remained well above pre-pandemic levels.
Research from Nexusguard also shows that while the average attack size fell by 50 percent over 2021, the maximum attack size nearly tripled, growing by a whopping 297 percent over the same period.
The top three DDoS attack vectors in 2021 were UDP (user datagram protocol) attacks, DNS amplification attacks, and TCP acknowledgment attacks. UDP remained the most common although it accounted for a smaller percentage of attacks, falling from 59.9 percent in 2020 to 39.1 percent in 2021. DNS amplification declined in percentage terms too, down from 14.2 percent in 2020 to 10.4 percent in 2021.
TCP acknowledgement attacks though took a larger percentage share, up from 3.7 percent to 9.7 percent. In these attacks, a large quantity of acknowledgement (ACK) packets with spoofed IP addresses are sent to the victim server, forcing it to process each ACK packet it receives, which renders the server unreachable by legitimate requests.
"While the number and average size of DDoS attacks fell in 2021 over 2020, the threat level is still very high when compared to pre-pandemic levels," says Juniman Kasman, chief technology officer of Nexusguard. "Attack vectors are also in flux, because while UDP attacks are still the most common, TCP ACK, which can exponentially amplify the effect of a DDoS event with a small amount of traffic, rose significantly. Organizations need to be prepared to deal with a wide array of vectors -- DDoS remains a persistent, elevated threat."
You can find out more and get the full report on the Nexusguard blog.