DDoS Threat Report 2020 Q2

DDoS Threat Report 2020 Q2

A shift in attack tactics by perpetrators in Q2 2020, saw a 570% increase in bit-and-piece attacks compared to the same period last year. Attackers adopted a more elaborate practise of bit-and-piece attacks to launch various amplification and UDP-based attacks to flood target networks with traffic, making detection and mitigation via traditional threshold-based methods all the more difficult for CSPs.

  • Bit-and-piece attacks are taken to a whole new level through blending multiple attacks: Smaller and more complex UDP-based and other amplification attacks were often used to maximize the impact of collateral damage on target networks. Bit-and-piece attacks result from injecting doses of junk traffic of negligible size into a large pool of IP addresses across hundreds of IP prefixes, which eventually paralyze the target when the junk traffic starts to accumulate from different IPs.
  • Harnessing power through blending multiple attack vectors: In the past, attackers have used bit-and-piece attacks with a single attack vector to launch new attacks based on that vector. However, in this quarter, Nexusguard reported a tendency to employ a blend of attack vectors to launch a wider range of UDP-based attacks, intended to increase the level of difficulty for CSPs to detect and differentiate between malicious and legitimate traffic.

There has been an obvious decrease in attack size, with perpetrators opting to employ small-sized attack traffic to attack more IP prefixes /24. This seriously undermines traditional threshold-based detection and mitigation, given that CSPs now need to detect and identify smaller and more complex attack traffic patterns amongst large volumes of legitimate traffic.

As can be seen in Figure, 51.57% of attacks were smaller than 30Mbps. In addition, 4,080 attacks were smaller than 5Mbps, 6,527 attacks were between 5Mbps and 10Mbps, and 9,637 attacks were between 10Mbps and 30Mbps.

You may be interested in

DDoS Statistical Report for 1HY 2022

In the first half of 2022, the total attack count and average attack size increased by 75.60% and decreased by 55.97% respectively compared to the figures recorded in the second half of 2021. Compared to the second half of 2021, the maximum attack size...

DDoS Statistical Report for 2021

In 2021, the total attack count and average attack size both fell by 13.32% and 50.00% respectively compared to the figures registered in 2020. Compared to 2020, the maximum attack size increased by 296.62%, with the maximum attack size clocking in at 699.20 Gbps. Besides, Read More >

DDoS Threat Report 2021 Q3

Q3 saw a notable trend in which attackers launched DDoS attacks at single targets within a CSP, attributing an attack size increase of 544% QoQ and 232% YoY. Over 55% of attacks focused on hitting a specific service with high volumes of traffic simultaneously, and according to our research, sever...

DDoS Threat Report FHY 2021

Small bit-and-piece DDoS attacks boomed by 233% in the first half of 2021. As the pandemic carried on into 2021, hackers experimented with new attack patterns to avoid signature-based detection. More than 99% of all DDoS attacks were smaller than 10Gbps, as we had predicted in 2020. These small, ...

Annual Threat Report 2020

This annual report is to review a year that was defined by arguably the worst pandemic the world has seen in 100 years. We look back at some of the key insights, findings and trends covered in our previous quarterly reports, and how COVID-19 impacted not only cybersecurity, but also the way we no...