The current Pandemic of Covid-19 has no doubt given a massive boost to all sort of criminal activity, with phishing and ransomware on the rise, DDoS couldn’t lag behind.
A fact confirmed by Kaspersky, that in its most recent report said that the number of distributed denial-of-service (DDoS) attacks spiked in the second quarter of 2020.
According to thier quarterly DDoS attacks report, the events were three times more frequent in comparison to the second quarter last year, an increase of over 200% over last year, and were up 30 percent from the number of DDoS attacks observed in the first quarter of 2020.
This is an anomaly, but aren’t we used to anomalies in times like these?
In fact the typical trend for DDoS is for attacks to spike at the beginning of the year, coinciding with the most intese season for businesses.
Then, usually, attacks fall off in late spring and summer.
DDoS: the numbers of 2020
As Kaspersky researchers pointed out that the number of attacks in Q2 2019 fell by 39 percent compared to Q1 2019; with a similar trend seen in 2018. But this year is certainly the year of outliers…
Obviously with more people than normal connected both for personal, but mostly work-related activities, DDoS as other cyber crime activities is making itself more attractive and profitable.
In the end, like most things Cyber Crime is all about profits and a period like this one means a never seen before range of targets.
“Kaspersky experts believe the rise in malicious activity can be attributed to the impact of COVID-19, as both cybercriminals and their targets have had to reconsider their summer plans. The pandemic and subsequent social-distancing restrictions have significantly changed people’s lives and many are either spending their days off in ‘staycation’ mode or have cancelled their scheduled holidays. This change in summer plans has had unexpected consequences, like an increased number of DDoS attacks.”, Kaspersky pointed out.
The research, released on Monday, also pointed out that the average number of attacks per day increased; with a record of nearly 300 in the busiest day (9th of april).
As always the targets are the usual suspects like educational and government institutions, with the first experiencing less strain during these summer months coinciding with the school holidays all over the world.
China, the United States and Hong Kong are currently of the podium of most attacked nations with Great Britain making a surprise appearance in the top 10.
Among the other interesting data points, the firm saw that DDoS botnet activity increased on Wednesdays and Thursdays and decreased on Saturdays. And most attacks only lasted about 20 minutes. The longest attacks lasted a few days (215, 214 and 210 hours were the top), which is more than half the number of the first quarter’s longest-lasting attacks (about 19 days).
As for vectors, SYN flood remains the main DDoS attack tool (94.7 percent), while ICMP attacks accounted for 4.9 percent – other types of DDoS attacks were rarely seen. However, Kaspersky noted that two new DDoS amplification methods were discovered last quarter.
So it seems that the uptick in cybercrime is continuing as the pandemic continues…