DDoS Attacks Increase by 151% in First Half Of 2020
Neustar, Inc., a global information services and technology company and leader in identity resolution, today released its latest cyberthreats and trends report which identifies significant shifts in distributed denial-of-service (DDoS) attack patterns in the first half of 2020. Neustar’s Security Operations Centre (SOC) saw a 151% increase in the number of DDoS attacks compared to the same period in 2019. These included the largest and longest attacks that Neustar has ever mitigated at 1.17 Terabits-per-second (Tbps) and 5 days and 18 hours respectively. These figures are representative of the growing number, volume and intensity of network-type cyberattacks as organisations shifted to remote operations and workers’ reliance on the internet increased.
This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20200916005046/en/
Figure 1: Percentage change in number of attacks by size category, 2020 vs. 2019 (Graphic: Business Wire)
Neustar’s role in providing navigation for internet requests (via its global UltraDNS network) and in detecting and mitigating threats (through its UltraDDoS Protect service) has given the company a front-row seat from which to observe macro cyberattack trends, as detailed in its CyberThreats and Trends Report: Jan-Jun 2020.
Largest and smallest DDoS attacks becoming increasingly intense and sophisticated
Large DDoS attacks are bigger, more intense, and happening in greater numbers than ever before. There has been a noticeable spike in large attacks across the industry, most notably the 2.3 Tbps attack targeting an Amazon Web Services client in February – the largest volumetric DDoS attack on record.
Neustar saw the total number of attacks increase by over two and a half times during January through June of 2020 compared to the same period in 2019. The increase was felt across all size categories, with the biggest growth happening at opposite ends of the scale – the number of attacks sized 100 Gbps and above grew a whopping 275% and the number of very small attacks, sized 5 Gbps and below, increased by more than 200%. Overall, small attacks sized 5 Gbps and below represented 70% of all attacks mitigated by Neustar between January and June of 2020.
“While large volumetric attacks capture attention and headlines, bad actors increasingly recognise the value of striking at low enough volume to bypass the traffic thresholds that would trigger mitigation to degrade performance or precision target vulnerable infrastructure like a VPN,” said Michael Kaczmarek, Neustar Vice President of Security Products. “These shifts put every organisation with an internet presence at risk of a DDoS attack – a threat that is particularly critical with global workforces reliant on VPNs for remote login. VPN servers are often left vulnerable, making it simple for cybercriminals to take an entire workforce offline with a targeted DDoS attack."
The rise in smaller DDoS attacks has been matched by increases in attack sophistication and intensity. 52% of threats mitigated by Neustar leveraged three vectors or more, with the number of attacks featuring a single vector essentially nonexistent. Neustar also tracked new amplification methods and attacks of higher intensity targeted at critical pieces of web infrastructure. The previous high-water mark of 500 millions-of-packets-per-second (Mpps) was topped this year, with an attack of over 800 Mpps recorded.
“The dependency and growth in online communications since COVID-19 has fundamentally changed what organisations must do to succeed,” said Brian McCann, President, Neustar Security Solutions. “There is no one-size-fits-all solution for security, but having a reliable cloud service that ensures availability and security for all services and users has proven to be a critical difference between barely surviving and thriving in this rapidly changing environment.”
Ongoing impact of COVID-19 on cyberthreats and industry web traffic
The precipitous rise in DDoS attacks mirrors the growth in internet traffic seen during the pandemic. Internet use is up between 50% and 70% and streaming media rose more than 12% in the first quarter of 2020.This has meant that attackers of all types, whether serious cybercriminals or bored teenagers stuck at home, have had more screen time to be disruptive.
In a study of one of the largest cybercrime sites by Cambridge University’s Cybercrime Centre, they found that the number of attacks enacted by the website went up sharply at the start of the pandemic and associated lockdown. They also found that instead of existing cybercriminals staging more attacks, it was new attackers driving the increase in DDoS attacks.
The corresponding attacks, like internet traffic, have not been evenly spread across all websites. It’s well known that ecommerce and gaming websites have received a lot of negative attention from hackers, but there are other industries that have been hit hard by cybercriminals over the last six months. Healthcare organisations contain sensitive patient information and a growing number of IoT devices that are easily exploited. Combined with the additional pressure of the pandemic, hospitals have become some of the most desirable targets for cybercriminals. Industries that have seen a lot of growth during the pandemic, like online gambling, have also been ripe for cyberthreats. Most notably, online video has seen an incredible rise in both usage and DDoS attacks. Omdia has reported an additional 200 billion hours of Netflix viewing or Zoom video calls over initial 2020 forecasts.Where traffic rises, so too do attacks; Neustar attack mitigations for this vertical increased by 461% over the last six months.
“While 2020 has brought radical changes in behaviour to consumers and criminals alike, it is naïve to assume that actions of either audience will revert completely to pre-pandemic norms after this crisis passes,” added Kaczmarek. “Mitigating these increasingly sophisticated DDoS attacks will continue to be a necessary part of doing business online. At a time when many organisations could do with less worry, fully managed services can take the pressure off and ensure critical digital assets are safe and secure.”
The report highlights several emerging attacker tactics seen across the industry, including an increase in burst and pulse DDoS attacks, broadening abuse of built-in network protocols such as ARMS, WS-DD, CoAP and Jenkins to launch DDoS amplification attacks that can be carried out with limited resources and cause significant disruptions, NXNS attacks targeting DNS servers, RangeAmp attacks targeting Content Delivery Networks (CDNs), and a resurgence of Marai-like malware capable of building large botnets through the exploitation of poorly secured IoT devices.
A complimentary copy of Neustar’s CyberThreats and Trends Report 1H 2020 is available here.
Neustar is an information services and technology company and a leader in identity resolution providing the data and technology that enables trusted connections between companies and people at the moments that matter most. Neustar offers industry-leading solutions in Marketing, Risk, Communications and Security that responsibly connect data on people, devices and locations, continuously corroborated through billions of transactions. Neustar serves more than 8,000 clients worldwide, including 60 of the Fortune 100. Learn how your company can benefit from the power of trusted connections here: https://www.home.neustar.
# # #
Hotwire for Neustar
About Business Wire
(c) 2018 Business Wire, Inc., All rights reserved.
Business Wire, a Berkshire Hathaway company, is the global leader in multiplatform press release distribution.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Luxembourg to Start Real Life Testing of an International Standard for a Digital Circularity Fingerprint for Products27.11.2020 12:00:00 CET | Press release
The Ministry of the Economy of Luxembourg just launched phase two of the development of an international standard. It provides information on the circularity of products to all stakeholders involved along their value chains. A first viable version of the standard is being tested in real life, allowing to identify the most suitable governance model, the audit scheme and reliable IT systems for its management. Luxembourg started the Circularity Dataset Initiative in 2018 to address the difficulty for industry and consumers to access reliable data on the circular properties of a product. A lot of circularity information is missing, as its generation and handling requires too many human and financial resources. Furthermore, trade secrets are hindering transparency and reporting standards are lacking, forcing manufacturers to send out different data sets in diverse formats to customers and product platforms. To tackle these challenges, the Luxembourg government is working with multinational
Chengdu Continues to Enhance Trade Links and Cultural Exchanges to Expand Circle of Friends Around the World27.11.2020 10:24:00 CET | Press release
The Chengdu-Europe railway line spans over 10,000 kilometers across countless rivers and mountains, transporting goods to vast numbers of people across the Eurasian landmass. With increased trade, cultural links between Chengdu and Europe are also growing stronger. Against this backdrop, Chengdu-Eurasia National Pavilion Cluster (CENPC) has emerged in the Qingbaijiang District of Chengdu to further promote trade and cultural exchanges. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20201127005270/en/ Head of CENPC’s pavilion for France and the Netherlands Xu Dandan at work (Photo: Business Wire) CENPC is an important platform for trade exhibition and cultural exchange between countries along the Belt and Road. With trade promotion as a foundation, the project, which is expected to feature over 40 national pavilions, aims to deepen Sichuan’s global cooperation in fields such as culture, talent, education, and science and techno
Chengdu-Europe Railway Adds Momentum to Chengdu's Rise as an International Hub, Leading to Closer Cooperation Between Chengdu and Tilburg27.11.2020 10:14:00 CET | Press release
Chengdu in China's Sichuan Province and Tilburg in The Netherlands, the two cities at the opposite ends of the Eurasian landmass, are now closely connected via an intercontinental railway that spans nearly 11,000 kilometers. In a recent interview with Xinhuanet, Roland Verbraak, general manager of GVT Group of Logistics - the Dutch partner of the Chengdu-Europe Railway, praised: "Not only are our relationships with Chinese partners getting closer, but the two cities of Chengdu and Tilburg have also become sister cities. Chengdu's international development is progressing well at a rapid pace." This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20201127005267/en/ Roland Verbraak, general manager of GVT Group of Logistics (Photo: Business Wire) Goods shuttling along the Chengdu-Europe Railway line have not only spurred economic growth in China and The Netherlands but also deepened links between Chengdu and places along the route, add
REPLY: Reply enters into eSports27.11.2020 09:00:00 CET | Press release
Reply, on the eve of Milan Games Week, announces its entry into eSports in collaboration with Totem eSports, a project born in 2019 that spent the year battling its way through the most competitive titles of the main ESL circuits, which for the 2021 season will be renamed Reply Totem eSports. The Reply Totem eSports team, thanks to the experience gained by its young talents at national and international level, will compete in the next season in the ESL EVC circuits on the mobile titles including Clash Royale, Brawl Stars and on a series of other titles, ranging from sports such as FIFA to FPS and strategic cards. Reply's entry into eSports is part of a wider range of initiatives aimed at supporting young technology enthusiasts. With this collaboration, Reply, which already operates in the gaming sector with Game Studio and B2B initiatives, enters a market in continuous growth, that symbolizes the impact of digitalization in all sectors. Filippo Rizzante, Reply's CTO, commented: "The eS
Vertex Announces European Commission Approval for SYMKEVI ® (tezacaftor/ivacaftor) With KALYDECO ® (ivacaftor) for Eligible Children With Cystic Fibrosis Ages 6-11 Years27.11.2020 09:00:00 CET | Press release
Vertex Pharmaceuticals Incorporated (Nasdaq: VRTX) today announced that the European Commission has granted approval of the label extension for SYMKEVI® (tezacaftor/ivacaftor) with KALYDECO® (ivacaftor), to include the treatment of cystic fibrosis (CF) in patients ages 6 years and older who have two copies of the F508del mutation in the cystic fibrosis transmembrane conductance regulator (CFTR) gene or one copy of the F508del mutation and one copy of one of 14 mutations in the CFTR gene that result in residual CFTR activity: P67L, R117C, L206W, R352Q, A455E, D579G, 711+3A→G, S945L, S977F, R1070W, D1152H, 2789+5G→A, 3272-26A→G, and 3849+10kbC→T. “With this approval, children with CF in Europe ages 6 to 11 years with the most common mutation, F508del, have a new treatment option and children with certain residual function mutations will, for the first time, have a treatment option available that addresses the underlying cause of their CF,” said Reshma Kewalramani, M.D., Chief Executive O
Thales to Deliver the World’s First Fully Integrated Unmanned Mine Countermeasures System for the Royal Navy and French “Marine Nationale”26.11.2020 20:55:00 CET | Press release
Following the first phase of the program in which two demonstrators have successfully proven their operational performances at sea, France and the United Kingdom marked the tenth anniversary of the Lancaster House treaties by signing a joint contract for Thales to start the production phase of MMCM to deliver eight unmanned mine hunting systems (four for France and four for the United Kingdom). This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20201126005783/en/ MMCM system at sea ©Thales With the threat of mines and improvised explosive devices present in all conflicts involving naval forces, countries need to strengthen the protection of their maritime domain, to ensure the protection of their assets and to safeguard the freedom of civil navigation. At the same time, it is essential to limit human exposure to mines. With 50 years of expertise serving navies around the world, Thales develops technologies that enable the transiti