Link11 DDoS Report: Number of Attacks Doubled in the 1st Quarter 2021

  • Katrin Graewe
  • April 28, 2021


Link11 DDoS Report: Number of Attacks Doubled in the 1st Quarter 2021

In Q1 2021, attackers continued to exploit the pandemic to attack businesses and their IT infrastructures. In the post-COVID era, DDoS attacks threaten to become the new normal.

Link11, Europe’s leading IT security provider in cyber resilience, has released its DDoS report for Q1 2021. The number of DDoS attacks continued to grow, as the report indicates. Between January and March, the Link11 Security Operations Centre (LSOC) recorded more than double the number of attacks than the prior-year period. Thus, the already alarming threat level from cybercrime, which like the COVID-19 virus has been raging in a parallel pandemic since spring 2020, has once again intensified.

The key findings from the report are:

  • The number of attacks continued to increase: + 128% increase in the number of attacks than Q1 2020 (factor of around 2.3).
  • Attack bandwidths remained high: 216 Gbps maximum in attack volume.
  • Increasing use of carpet bombing attacks: Attackers are more and more switching to carpet-bombing attacks with small-volume, low-threshold attacks, which remain under the radar of many protection solutions. The hundreds or thousands of small attacks running in parallel can easily add up to a high-volume attack of several tens or hundreds of Gbps and cause an infrastructure to collapse. This is particularly worrisome for hosting and cloud providers.
  • Highly dynamic attack tactics: 69% of attacks were multi-vector attacks combining multiple techniques.
  • DDoS attackers stick to their target even if they are unsuccessful: 1,489 minutes was the longest attack (>24 h). Without effective protection, long recovery times, which can be twice or three times as long as the actual attack, would still have to be considered.

The attackers increasingly targeted companies that were either in high demand due to the pandemic or had to shift their operations to digital. These included the healthcare sector, public administrations, educational institutions, logistics companies, online retail, media, and entertainment companies. However, data center operators, who play a significant role in the digitization of companies, were also under heavy fire. Almost every second DDoS attack (47%) targeted hosting providers and ISPs.

According to analyses by the LSOC, the threat situation is not expected to weaken in the coming months. But the increasing number of attacks and numerous new attack techniques suggest the quality and quantity will remain at this elevated level. Accelerated digitalization in the economy and society offers growing attack surfaces and lets cybercrime boom.

Marc Wilczek, Managing Director of Link11: “The exponential boom in cybercrime will outlast the pandemic. In a post-COVID era, companies and organizations must adapt to a permanently changed threat environment. Against this backdrop, they must reassess the risks of failure for their networked business and production processes.”

For more information on the threat landscape, see the full Link11 DDoS Report for Q1 2021, available as a free download.

Link11 Appoints New Regional Director for UK & Ireland
HTTP and HTTPS: What is the difference?
This site is registered on as a development site. Switch to a production site key to remove this banner.