DDoS Attacks Increased by 1/3 in Q3 According to New Report **INTVS AVAIL**
November 2021 by Lumen Technologies
Data from the Lumen Technologies Q3 DDoS Report, released today, reveals that three fundamental metrics – quantity, size and complexity of DDoS attacks – all increased in the third quarter of 2021. To compile these findings, the security team at Lumen analyzed intelligence from Black Lotus Labs – the company’s threat research arm – and attack trends from the Lumen DDoS Mitigation Service platform, which integrates countermeasures directly into the company’s extensive and deeply peered global network.
DDoS Attack Trends
• Lumen mitigated 35% more attacks in Q3 than in Q2.
• The largest bandwidth attack scrubbed in Q3 was 612 Gbps – a 49% increase over Q2 – and the largest packet rate-based attack scrubbed was 252 Mpps – a 91% increase.
• The longest DDoS attack period Lumen mitigated for an individual customer lasted 14 days.
• For the first time, 28% of multi-vector mitigations involved a complex combination of four different attack types, including DNS amplification, TCP RST, TCP SYN-ACK amplification and UDP amplification.
• Like Q2, the top two verticals targeted in the 500 largest attacks in Q3 were Telecom and Software/Technology; the Retail vertical, which did not make the top 3 in Q2, was the third most attacked industry in Q3.
IoT DDoS Botnets
• Although Lumen observed a 26% decrease in unique C2s for Gafgyt and Mirai – two predominant IoT botnet families it continually monitors – the company observed more than 217,000 DDoS botnet hosts globally. This represents a 45% increase over Q2 and the most seen all year.
• Lumen tracked more than 2,100 C2s globally. The countries with the most C2s were (in order): China, United States and, tied for third, Taiwan and the Netherlands.