DDoS attacks rose to the highest level on record last year as cybercriminals took advantage of the COVID-19 pandemic
Link11, the leading European IT security provider in the field of cyber-resilience, has released findings from its annual DDoS Report for 2020, which revealed DDoS attacks reached a record high during the pandemic as cybercriminals launched new and increasingly complex attacks. The analysis, which was carried out by the Link11 Security Operations Center (LSOC) in combination with OSINT, showed a boom in DDoS attacks that was closely linked to the pandemic.
Key findings from the Link11 DDoS Report include:
As the attack surfaces for companies have increased in size and complexity due to the digital transformation triggered by the pandemic, DDoS attackers have adapted to these trends. In addition to VPNs and APIs, attackers also focused on CRMs, databases, and email and web servers, which attacks extending across all layers.
“We’ve seen a large increase in vulnerabilities that can be exploited by DDoS attacks,” says Marc Wilczek, Managing Director of Link11. “Attackers are constantly scanning the internet for new ports and protocols that can be used to overload companies’ IT infrastructures. Not all companies have adapted to this threat, and there have been many headline-grabbing outages as a result.”
The 2020 DDoS report revealed that cybercriminals began ramping up their DDoS extortion efforts in the second half of the year. Extortionists posing as Fancy Bear, Cozy Bear, Armada Collective, and Lazarus Group mainly targeted operators of critical infrastructure and providers of financial services, eCommerce, and hosting services. Often using large-volume warning attacks of over 50 Gbps, the extortionists pressured companies to pay ransoms ranging from five to 15 Bitcoins.
The report also suggests that DDoS attacks will continue to be prevalent in 2021. Digital corporate IT, cloud services and APIs will continue to experience heavy DDoS fire in the coming months and companies should include the threat of DDoS extortion in their risk assessments.
Detailed information on the threat situation can be found in the full Link11 DDoS Report which is available for download on the Link11 website.