Key metrics from the 1H 2021 Netscout Threat Intelligence Report
Flag of Australia

Australia

The massive shift to online life triggered by the COVID-19 pandemic prompted record-breaking levels of innovation by threat actors, and NETSCOUT’s ATLAS Security Engineering and Response Team (ASERT) expects this long tail of attacker innovation to last well into 2021.

Bad actors launched approximately 5.4 million DDoS attacks in 1H 2021—yet another record-breaking number. In particular, attackers launched unprecedented numbers of DDoS attacks in the first quarter, boosting attack frequency by 20 percent over the same time period in 2020. Meanwhile, adversaries discovered or weaponized seven UDP reflection/amplification DDoS attack vectors and developed adaptive multivector attacks specifically tailored to exploit vulnerabilities of their targets. Vital components of the connectivity supply chain came under increased attack, while ransomware gangs added triple-extortion DDoS tactics to their repertoire and the Fancy Lazarus threat actor launched a new DDoS extortion campaign.

Max Multivector Attack

Max number of vectors seen in a single attack

23

Attack Vectors Used

1. Chargen amplification
2. CLDAP amplification
3. DNS
4. DNS amplification
5. ICMP
6. ISAKMP
7. L2TP amplification
8. MDNS amplification
9. Memcached amplification
10. MSSQLRS amplification
11. NetBIOS amplification
12. NTP amplification
13. OpenVPN amplification
14. RIPv1 amplification
15. rpcbind amplification
16. SNMP amplification
17. SSDP amplification
18. TCP ACK
19. TCP NULL
20. TCP RST
21. TCP SYN
22. TCP SYN/ACK amplification
23. Ubiquiti amplification

Top 5 Attack Vectors

Dn

DNS amp

Number of Attacks

23,132

Im

ICMP

Number of Attacks

16,531

Cd

CLDAP

Number of Attacks

13,452

Ta

TCP ACK

Number of Attacks

11,834

Np

NTP amp

Number of Attacks

5,082

Top Ten Vertical Industries Under Attack

The following industry chart shows the most targeted sectors in 1H 2021 by number of attacks.

Rank Vertical Frequency Max Attack Max Impact Average Duration
1
Wired Telecommunications Resellers icon Wired Telecommunications Carriers
3,065 90.86 Gbps 19.71 Mpps 37.3 Minutes
2
cloud icon with up arrow Data Processing, Hosting + Related Services
1,682 37.35 Gbps 22.10 Mpps 41.8 Minutes
3
cell phone icon Wireless Telecommunications Carriers (except Satellite)
1,294 93.80 Gbps 19.16 Mpps 57.2 Minutes
4
laptop icon Electronic Computer Manufacturing
1,276 51.41 Gbps 17.69 Mpps 68.8 Minutes
5
shopping cart icon Electronic Shopping + Mail-Order Houses
564 100.29 Gbps 19.59 Mpps 29.8 Minutes
6
radio icon Internet Publishing, Broadcasting + Web Search Portals
245 1.65 Gbps 0.20 Mpps 58.3 Minutes
7
Telecomm Tower icon All Other Telecommunications
220 82.18 Gbps 16.36 Mpps 60.5 Minutes
8
Checklist icon Process Physical Distribution + Logistics Consulting Services
152 9.05 Gbps 1.36 Mpps 34.4 Minutes
9
Document with PDF icon Software Publishers
149 1.48 Gbps 0.15 Mpps 61.0 Minutes
10
riding lawn mower icon Landscaping Services
97 4.90 Gbps 0.53 Mpps 45.9 Minutes
Download PDF Download PDF