The New DDoS ‘Normal’ is Not Normal in Any Way

Image sourced from Shutterstock.

Threat actors will never turn down an opportunity for innovation, and the COVID-19 pandemic has provided an enormous such opportunity. We are seeing this quite clearly in the numbers coming through – and the new ‘normal’ around distributed denial of service (DDoS) attacks is not normal at all.

So says Carole Hildebrand, Senior Strategic Marketing Writer at NETSCOUT, a leading global provider of service assurance, security and business analytics. Writing in a recent blog, she explains, “After an astonishingly active first quarter of DDoS attack activity, things calmed down a bit for the second quarter of 2021. Unfortunately, ‘calmed down’ is a relative term.”

NETSCOUT decided to compare the numbers of DDoS attacks during the COVID-19 era of 2020 and 2021 thus far, with pre-COVID numbers represented by 2019.

According to research from NETSCOUT’s ATLAS Security Engineering and Response Team (ASERT), threat actors launched approximately 5.4 million DDoS attacks in the first half of 2021. This is an 11% increase from the same time period in 2020. Extrapolating from this, it is plausible to anticipate a final total of around 11 million DDoS attacks by the time 2021 is over.

The first quarter of 2021 reflected a record outpouring of DDoS attacks at 2.86 million. The second quarter of 2021 then decreased by 13% to a total of 2.48 million attacks. The Q2 2021 figures also showed a small decrease (6.5%) compared with the same period in 2020.

But to put things in perspective: it was only in June 2021 that the global monthly DDoS attack numbers dropped below 800,000 for the first time since March 2020 – over one year ago – at a figure of 761,914.

Even then, these attack numbers were more than the highest point in quarter two of 2019 (April), with a figure then, in the pre-COVID era, of 755,748 DDoS attacks. In other words, the overall trend is upwards.

The graph below, comparing Q2 figures for 2019, 2020 and 2021, shows this very clearly.

Image courtesy NETSCOUT.

“In its ‘2020 2H Threat Intelligence Report: DDoS in a time of pandemic’, NETSCOUT observed a huge upsurge in DDoS attacks over the past year or so, including multiple record-breaking events such as the most DDoS attacks in a single year, of more than 10 million,” comments Risna Steenkamp, General Manager: ESM Division at Networks Unlimited, which distributes NETSCOUT solutions throughout Africa.

“We also saw, in the 2020 report, monthly DDoS attack numbers that regularly exceeded the 2019 averages by 100,000 to 150,000 attacks. It appears that this trend is not going away.”

Hildebrand notes that “…the pandemic’s long tail of cyberthreat innovation will likely continue well into 2021 as cybercriminals continue to discover and weaponise new attack vectors that exploit pandemic-related vulnerabilities.”

“In this COVID-19 governed global village, we need to apply our minds around doing business effectively, and the sharing of information is key,” says Steenkamp.

“NETSCOUT is all about network visibility and this is a key element of network protection. Staying up-to-date with the latest threat intelligence, and using proper DDoS protection against the current trends, in which DDoS attacks are increasing in size, frequency and complexity have become more critical than ever,” she concludes.

Please contact Janco Taljaard at janco.taljaard@nu.co.za for more information.


By Staff Writer.