DDoS attacks boomed in 2020. Don’t expect that to change in 2021
Plenty of things ground to a halt in 2020 as the coronavirus pandemic swept the world. But one area that most certainly didn’t suffer these effects was DDoS attacks. Such attacks, which are designed to knock websites and services offline or else render them inaccessible, soared during COVID-19. As internet traffic exploded due to home-working and remote learning, among other factors, so too did the number of DDoS attacks launched against companies without the proper Anti-DDoS protection.
A DDoS attack is a form of cyberattack in which targets are bombarded with huge amounts of fraudulent traffic. This is frequently distributed via what is known as a botnet, an army of internet-connected devices that have usually been infected by malware to turn them into the IoT equivalent of a Manchurian Candidate, able to be called into action at a moment’s notice.
From “Ping of Death” attacks to HTTP Floods, DDoS attacks can come in many variations. However, the overall goal is always the same: to threaten or deliver enormous amounts of disruption at the operators of those websites or services that are targeted. At a time when more people than ever are reliant on connectivity, the opportunity for these attacks to inflict enormous amounts of damage is greater than ever.
Also Read: Top Most Common Types Of Cyberattacks
2020 wasn’t a good year, to say the least
2020 saw many dubious “milestones” in the ramping up of DDoS attacks. The size of attacks continued to increase, resulting in attacks such as a June 2020 incident in which a DDoS attack of 809 million packets per second (Mpps) was launched against a major European bank. Amazon Web Services (AWS), meanwhile, reported that it had managed to successfully defend against a monster 2.3 terabit per second (Tbps) DDoS attack.
In many cases, DDoS attacks targeted businesses both large and small. But the new reliance on internet-based infrastructure for the likes of remote learning also opened up new potential targets for cyberattackers. In one incident, taking place early in the 2020-2021 school year, a series of 12 DDoS attacks were made on the Miami-Dade public school system’s distance learning technology and other IT infrastructure. The attacks resulted in the cancelation of online classes for approximately 200,000 students in the region.
Other types of DDoS attack
In some instances, DDoS attacks may be leveled against victims purely to cause chaos. In other scenarios, they could be launched by unscrupulous business rivals looking to hurt a competitor at a time when more people than ever are reliant on access to ecommerce platforms and the like.
However, another growing trend involves the threat of DDoS attacks for the purposes of extortion. These attacks, which also showed a big uptick in numbers during 2020, work by leveraging the fear a DDoS attack can trigger in potential targets. Rather than simply knocking a website or service offline, DDoS extortion attacks threaten an attack if a potential victim does not agree to pay up a certain amount of money to avoid it.
This money is usually demanded in Bitcoin or another cryptocurrency, thereby making it difficult to trace the attackers after the extortion attempt has been carried out. Such ransoms can be steep (and may increase in size the longer a target fails to respond), but bank on the fact that paying the ransom will be theoretically less costly for a company in terms of direct expenditure and reputational damage than the attack taking place.
The new normal
As the world enters 2021, there’s little evidence that this trend will reverse any time soon. If the “new normal” that COVID-19 has ushered in truly is the new norm then reliance on remote access tools and infrastructure will be around for quite some time. For example, almost as soon as the year started, video game giant Blizzard confirmed that it has been the victim of a DDoS attack. This caused high latency and disconnections for its gamers on highly popular titles like World of Warcraft.
With DDoS attacks increasing in both number and scale all the time, it’s important that companies take measures to protect themselves. Tools such as Web Application Firewalls (WAFs) can lend a big assist by blocking malicious traffic while allowing filtered traffic from genuine users to get through.
Cybersecurity companies can also offer the means to help organizations absorb DDoS attacks, meaning that websites and online services won’t be overwhelmed and rendered inaccessible by attacks.
Protecting against DDoS attacks
Seeking out these solutions is one of the smartest steps you can take. The results of DDoS attacks can be devastating, whether it’s in causing unwanted downtime, allowing rival services to get a leg-up on you, or simply damaging customer trust in a way that means they may not rely on you again in the future.
Being able to safeguard against such attacks is a cybersecurity gamechanger. It means that, at least for you, 2021 really doesn’t have to be like 2020.
Also Read: Windows Powershell An Attack Vector Increasingly Popular With Cyber Criminals