Check out the 1H 2020 Threat Report. Our new report: Download Report

Netscout Threat Intelligence Report

Cybercrime: Exploiting a Pandemic

Issue 5: Findings from 1H 2020

For cybercriminals, the COVID-19 pandemic is nothing short of an outstanding business opportunity—and they have taken full advantage.

Attackers targeted COVID-era lifelines such as e-commerce, healthcare, and educational services with short, complex, high-throughput attacks designed to quickly overwhelm and take down targeted entities. The impact of this activity is significant; ASERT measured just how much DDoS traffic crosses global and regional infrastructure—traffic that we all pay for.

  • Number of Attacks in 1H 2020

    0.00M
    0%

    Increase from 2019

    0%

    Increase during the height of pandemic lockdown

  • Top COVID-Era Targets

    • E-commerce
    • Healthcare
    • Educational services

Pandemic Profiteers

Cybercriminals pounced on pandemic-driven vulnerabilities, launching an unprecedented number of shorter, faster, more complex attacks designed to increase ROI.

Total DDoS Attacks
April–May 2020

0

Single largest number of attacks we’ve seen over any 31-day period

DDoS Attack Frequency
March–June 2020

0%

Increase during the pandemic lockdown

Average attack duration

0%

Decrease during the pandemic lockdown

View Country Snapshots of DDoS Activity

Multivector Attacks Get Super-sized

Attacks were also more complex, as 15-plus vector attacks spiked 2,851 percent in popularity since 2017. Three years ago, such attacks were considered outliers. Now, they are one of the most potent weapons in the DDoS attack arsenal. Meanwhile, we saw single-vector attacks drop 43 percent year over year.

Attacks using 15+ vectors

0%

Increase in attacks from 2017 to 2020

Single Vector Attacks

0%

Decrease from 2019 to 2020

Hidden Impact of DDoS Traffic

The stat that really caught our eye was the sheer magnitude of bandwidth and throughput consumed by DDoS attacks overall—traffic that we all pay for. But how much traffic on the global internet is due solely to DDoS attacks? To find out, we created the DDoS Attack Coefficient (DAC). DAC represents the total sum of DDoS traffic traversing any given region or country in one minute. This traffic imposes an unending DDoS tax on every internet-connected organization and individual around the world. If we observed no DDoS attacks in a region for a one-minute interval, the DAC would be zero. But that’s not what we saw.

Top Bandwidth DAC

0.0 TBPS

EMEA, June 2020

Top Throughput DAC

0 MPPS

APAC, June 2020

Periodic Table of DDoS Attack Vectors

The research into attack vectors and how attackers leverage them illuminates the ever-evolving nature of the DDoS threat landscape. This table sorts vectors by attack numbers, as well as digging into details about risk level and amplification factors.

The Takeaway

4.8 million DDoS attacks hit the world in the first six months of 2020—and at what price?

Those attacks consumed enormous amounts of bandwidth and throughput—and both service providers and enterprises must absorb that traffic as a cost of doing business in the digital economy. But then, cybersecurity math has always favored the bad guys. The latest example is the trend towards fast but complex multivector attacks. Such scenarios only highlight the vital role of advanced and automated DDoS technology.

Shorter Duration
+ Increased Complexity

Less time to respond to increasingly difficult-to-mitigate attacks

ASERT monitors the threat landscape and reports on new actors, malware under development, and the increasingly sophisticated tools and techniques deployed. For an in-depth summary, download the latest NETSCOUT Threat Intelligence Report for the first half of 2020.

Download the Report

Access Past Reports
Check out the 1H 2020 Threat Report. Our new report: Download the Report