<img alt="" src="https://secure.leadforensics.com/89462.png" style="display:none;">

DDoS Threat Report 2020 Q1

In the first quarter of the year, DDoS attacks rose more than 278% compared to Q1 2019 and more than 542% compared to the last quarter. Researchers attribute the sharp rise in incidents to malicious efforts during the COVID-19 pandemic, causing DDoS attacks to interrupt service for large companies and individuals alike. Internet service providers (ISPs) face increasing challenges to curb undetectable and abnormal traffic before they turn into uncontrollable reflection attacks.

  • In addition to traditional DDoS attacks, Nexusguard researchers identified various abnormal traffic patterns, including small-sized, short attacks dubbed “invisible killers.” These types of attacks are often overlooked by ISPs, which gives the invisible anomalies access to website and online services networks to cause havoc.
  • Bits-and-pieces attacks continue to infiltrate traditional threshold-based detection. These attacks result from drip-feeding doses of junk traffic into a large IP pool, which can clog the target when bits and pieces start to accumulate from different IPs. 90% of attacks employed a single-vector approach, which is a change from the popularity of multi-vector attacks in the past.

 


67.12% of the attacks are characterized in the size range of 1Gbps and 5Gbps which from our experience often last less than 15 mins and create less than 200 events per day. We dub this proportion of attacks an “invisible killer”. Due to the lack of size concentration and being overlooked as insignificant relative to overall traffic, it normalizes historical traffic behaviour and gives the invisible killer access to the networks of websites and onlines services to cause havoc.

 

You may be interested in

DDoS Threat Report 2019 Q4

An unprecedented concentration of DDoS attacks on US networks was observed, with more than 1,000 victims identified in various states. Whether motivated by politics, profiteering, crime or other malicious purposes, attacks were frequent and impactful. What’s more, ...

DDoS Threat Report 2019 Q3

DNSSEC (Domain Name System Security Extensions) remain the main driver of growth of DNS amplification attacks in the quarter, yet our analysts have detected a sharp and concerning rise in TCP SYN Flood attacks. TCP SYN Flood is not a new method, but findings indicate that techniques have grown in...

DDoS Threat Report 2019 Q2

DNS amplification attacks swelled in Q2 2019, with the amplified attacks spiking more than 1,000% compared with Q2 2018. Nexusguard researchers attributed Domain Name System Security Extensions (DNSSEC) with fueling the new wave of DNS amplification attacks, which accounted for more than 65% of t...

DDoS Threat Report 2019 Q1

Despite the earlier FBI crackdown, the DNS amplification types of DDoS attacks continued to be a favorite of DDoS-for-hire websites, soaring more than 40 times their volume compared to last quarter. The resurgence of DDoS-as-a-service and the growing botnets reinforce the evolving cyber threat of...