<img alt="" src="https://secure.leadforensics.com/89462.png" style="display:none;">

Annual Threat Report 2020

This annual report is to review a year that was defined by arguably the worst pandemic the world has seen in 100 years. We look back at some of the key insights, findings and trends covered in our previous quarterly reports, and how COVID-19 impacted not only cybersecurity, but also the way we now work and live. We will look into how the threat landscape has evolved in terms of the increase in DDoS attacks over the past year, the increasing complexity and sophistication of attacks, and will compare relevant statistics against those garnered in 2019. Lastly, in view of the challenges faced by CSPs, service providers, enterprises and organizations in these unprecedented times, we will share our foresights on how DDoS attacks will evolve and recommendations on how best to tackle, mitigate and manage the ever-evolving cyber threats in the post COVID-19 world.

  • COVID-19 drove DDoS attacks to new heights: A 341.21% year-over-year (YoY) increase in the number of DDoS attacks was recorded in March, accounting for 23.96% of all attacks in 2020. Q2 constituted 38.33% of attacks, representing the highest concentration of attacks in 2020. Interestingly, the number of attacks fell in July to 6.99% and this downward trend continued through till December.
  • Attack motives were as varied as the attacks themselves: From March onwards, according to our findings there was an increase in extortion and ransom DDoS (RDDoS) attacks against a wide range of industries around the world.
  • DDoS attacks are more complex than ever: In March, apart from traditional DDoS attacks, we identified other abnormal traffic Feb patterns, including small-sized, short attacks dubbed “invisible killers.” April to August witnessed a shift in tactics which saw attackers opting for a more deceptive and sophisticated approach, by utilizing a more elaborate practise of bit-and-piece attacks to launch amplification and other types of UDP-based attacks to flood target networks with traffic. Attacks launched from September through to December took a more sinister turn with
    perpetrators concealing TCP-based attacks within volumetric attacks, utilizing the volumetric attack as a cover.
  • Look ahead to 2021/2022: Predictions & Recommendations
    1. Organizations, including CSPs, that rely on threshold and signature-based detection 1 methods will experience severe outages as a
    result of DDoS attacks

    2. The effectiveness of authentication-based mitigation will be further tested as application attacks are predicted to double in 2021/2022
    3. Ransom DDoS attacks will increase by 30%
    4. DDoS attacks < 10Gbps will account for 99% of all attacks
    The continued discovery of new attack patterns in recent times, especially small-sized attack traffic that have been able to evade threshold and signature-based detection systems suggests that CSPs need to enhance their security posture and look into employing more effective ways to protect their networks, infrastructures and customers.
    report screencap v5

 

You may be interested in

DDoS Threat Report 2020 Q3

The increase in online gaming attracted attention from attackers, resulting in nearly 77% of cyber attacks targeting online gaming and gambling industries in Q3 2020. More than a third of these entertainment attacks focused on online gaming targets. Nexusguard anal...

DDoS Threat Report 2020 Q2

A shift in attack tactics by perpetrators in Q2 2020, saw a 570% increase in bit-and-piece attacks compared to the same period last year. Attackers adopted a more elaborate practise of bit-and-piece attacks to launch various amplification and UDP-based attacks to f...

DDoS Threat Report 2020 Q1

In the first quarter of the year, DDoS attacks rose more than 278% compared to Q1 2019 and more than 542% compared to the last quarter. While working from home has become the new norm due to COVID-19 pandemic restrictions, heavy use and reliance of online services ...

DDoS Threat Report 2019 Q4

An unprecedented concentration of DDoS attacks on US networks was observed, with more than 1,000 victims identified in various states. Whether motivated by politics, profiteering, crime or other malicious purposes, attacks were frequent and impactful. What’s more, ...