The first half of 2021 saw massive ransomware and ransom DDoS attack campaigns that disrupted critical infrastructure around the world, as well as a vulnerability in Kaseya's IT management software that was exploited to target schools, the public sector, travel companies and credit unions. In the second half of the year, a new botnet called Meris and record-breaking HTTP DDoS and network-level attacks were observed over the Cloudflare network.
Ransom DDoS attacks grew 29 percent year-over-year and 175 percent quarter-over-quarter. In fact, in December alone, one in three Cloudflare respondents said they had been hit by a ransom DDoS attack or threatened by an attacker.
At the same time, the fourth quarter was the busiest quarter for attackers launching network-level DDoS attacks, with more attacks observed in that quarter than in the first and second quarters of 2021 separately. While most of these attacks were small, Cloudflare was able to automatically block dozens of attacks that peaked over 1 Tbps, with the largest at just under 2 Tbps. There was also an ongoing ransom DDoS campaign against VoIP providers worldwide in the fourth quarter.
Application-level DDoS attacks
Application-level DDoS attacks, in particular HTTP DDoS attacks, are attacks that are usually aimed at disrupting a web server by making it impossible to process legitimate user requests.
In 2021, the manufacturing, business services, and gaming/gambling industries were hardest hit by application-level DDoS attacks, with attacks on manufacturing companies increasing 641 percent in the fourth quarter versus the previous quarter.
In terms of the origin of these attacks, China remained the country with the highest proportion of DDoS attacks originating from within its borders for the fourth straight quarter, followed by the US, Brazil and India. The US was the country most affected by application-level DDoS attacks, followed by Canada, Germany, France and Ukraine.
As cybercriminals and other threat actors increasingly use DDoS attacks to extort companies for ransom and to attack critical infrastructure, companies should ensure that they have adequate DDoS protection for both their websites and their online services.