Pandemic fosters DDoS attacks

​

A record-setting ten million-plus DDoS attacks and a 22% increase in attack frequency are among the findings according to the 2H2020 NETSCOUT Threat Intelligence Report (www.netscout.com/threatreport).

In its bi-annual Threat Intelligence Report (www.netscout.com/threatreport), NETSCOUT, reveals that cybercriminals exploited vulnerabilities exposed by massive internet usage shifts from office to home since many users were no longer protected by enterprise-grade security.  Attackers paid particular attention to vital pandemic industries such as e-commerce, streaming services, online learning, and healthcare generating a 20% year-over-year increase in attack frequency over 2019 plus a 22% increase in the last six months of 2020.
 
“Cybercriminals set multiple records in 2020, taking advantage of the shift towards remote work across the globe,” says Richard Hummel, Threat Intelligence Lead, NETSCOUT.  “The second half of last year witnessed a huge upsurge in DDoS attacks, brute-forcing of access credentials, and malware targeting internet-connected devices.  As the COVID-19 pandemic continues, it will be imperative for security professionals to remain vigilant to protect critical infrastructure.”

In August, a threat actor NETSCOUT (www.netscout.com) dubbed Lazarus Bear Armada (LBA) launched one of the most sustained and extensive DDoS extortion campaigns yet seen, taking down the New Zealand stock exchange and targeting organisations involved in COVID-19 testing and vaccine development.

According to NETSCOUT's Worldwide Infrastructure Security Report® (WISR), which helps inform the Threat Intelligence Report findings, the number of enterprise respondents reporting DDoS extortion attacks increased by 125%.  Overloaded firewalls and virtual private network (VPN) concentrators, crucial technologies used during the pandemic lockdown, contributed to the outages in 83% of the enterprises that suffered DDoS attacks.  This finding represents a 21% increase over 2019 figures.
 
Other key findings from the NETSCOUT 2H2020 Threat Intelligence Report include monthly DDoS attack numbers surpassed 800,000 with the average number of attacks being 839,083 attacks per month in 2020; whilst adversaries using Mirai malware and its variants took advantage of shifts away from enterprise-grade protection to generate a surge in brute-force attempts on Internet of Things (IoT) consumer-grade devices.

An interactive version of the Report can be found at www.netscout.com/threatreport