Key metrics from the 1H 2021 Netscout Threat Intelligence Report
Flag of Germany

Germany

The massive shift to online life triggered by the COVID-19 pandemic prompted record-breaking levels of innovation by threat actors, and NETSCOUT’s ATLAS Security Engineering and Response Team (ASERT) expects this long tail of attacker innovation to last well into 2021.

Bad actors launched approximately 5.4 million DDoS attacks in 1H 2021—yet another record-breaking number. In particular, attackers launched unprecedented numbers of DDoS attacks in the first quarter, boosting attack frequency by 20 percent over the same time period in 2020. Meanwhile, adversaries discovered or weaponized seven UDP reflection/amplification DDoS attack vectors and developed adaptive multivector attacks specifically tailored to exploit vulnerabilities of their targets. Vital components of the connectivity supply chain came under increased attack, while ransomware gangs added triple-extortion DDoS tactics to their repertoire and the Fancy Lazarus threat actor launched a new DDoS extortion campaign.

Max Multivector Attack

Max number of vectors seen in a single attack

31

Attack Vectors Used

1. Chargen amplification
2. Citrix-ICA amplification
3. CLDAP amplification
4. COAP amplification
5. DNS
6. DNS amplification
7. ICMP
8. IMPI amplification
9. IPv4 Protocol 0
10. ISAKMP
11. L2TP amplification
12. mDNS amplification
13. Memcached amplification
14. MSSQLRS amplification
15. NetBIOS amplification
16. NTP amplification
17. OpenVPN amplification
18. Plex amplification
19. RIPv1 amplification
20. rcpbind amplification
21. SNMP amplification
22. SSDP amplification
23. STUN amplification
24. TCP ACK
25. TCP NULL
26. TCP RST
27. TCP SYN
28. TCP SYN/ACK amplification
29. Ubiquiti amplification
30. VSE amplification
31. WS-DD amplification

Top 5 Attack Vectors

Ta

TCP ACK

Number of Attacks

86,341

Dn

DNS amp

Number of Attacks

39,547

Ts

TCP SYN

Number of Attacks

38,083

Im

ICMP

Number of Attacks

31,869

Tr

TCP RST

Number of Attacks

26,938

Top Ten Vertical Industries Under Attack

The following industry chart shows the most targeted sectors in 1H 2021 by number of attacks.

Rank Vertical Frequency Max Attack Max Impact Average Duration
1
cloud icon with up arrow Data Processing, Hosting + Related Services
25,895 114.42 Gbps 27.86 Mpps 50.3 Minutes
2
shopping cart icon Electronic Shopping + Mail-Order Houses
15,736 114.42 Gbps 25.67 Mpps 32.1 Minutes
3
Wired Telecommunications Resellers icon Wired Telecommunications Carriers
6,468 114.42 Gbps 25.67 Mpps 57.4 Minutes
4
Telecomm Tower icon Other Telecommunications
3,306 114.42 Gbps 25.67 Mpps 68.9 Minutes
5
cell phone icon Wireless Telecommunications Carriers
2,917 112.28 Gbps 22.58 Mpps 47.8 Minutes
6
laptop icon Electronic Computer Manufacturing
1,680 74.58 Gbps 16.41 Mpps 99.5 Minutes
7
computer storage icon Computer Storage Device Manufacturing
687 74.88 Gbps 15.88 Mpps 115.0 Minutes
8
radio icon Internet Publishing, Broadcasting + Web Search Portals
622 81.86 Gbps 87.52 Mpps 98.5 Minutes
9
house with heart and plus symbol icon Other Residential Care Facilities
618 19.28 Gbps 2.55 Mpps 18.8 Minutes
10
tooth icon Offices of Dentists
392 22.65 Gbps 6.64 Mpps 37.8 Minutes
Download PDF Download PDF German - Deutsche