DDoS fatigue: number of attacks falls by 73% in Q3, but some days are still busy with malicious traffic
October 2020 by Kaspersky
The number of DDoS attacks decreased in the third quarter of 2020, according to data from Kaspersky DDoS Protection. Analysis of commands received from command and control servers also demonstrates this decline. However, despite the overall stabilisation of the DDoS market during the year, the quarter still saw a year-on-year rise, and the year’s highest number of attacks in a single day, totaling 323.
Lockdown increased users’ reliance on online services, so in the first two quarters of the year there was a spike of DDoS attacks aimed at disrupting their work. Educational and administrative resources were hit particularly heavily. However, Q3 results showed that DDoS activity is returning to normal. In Q3 2020, Kaspersky DDoS Protection detected 73% fewer attacks than in the previous quarter. However, compared to the same period in 2019, this figure has seen a one-and-a-half times year-on-year increase. This means that the decline observed during Q3 can mostly be explained by the abnormal rise of attacks in the second quarter.
The number of DDoS attacks in Q3 per day (according to analysis of commands received by bots from C&C servers)
The analysis of commands received by bots from command and control servers also revealed a drop in DDoS attacks. On average, 106 attacks per day were carried out in Q3, while there were 10 more in the previous quarter. Nevertheless, while things have been quieter – there were three days where only one attack was registered - some periods still saw high DDoS activity. The most noticeable was July 2 which saw a record-breaking 323 attacks, the highest number for the whole of 2020. The previous peak was 298 attacks, registered back in April.
“Many companies were not prepared for remote working or didn’t consider their web assets as critical. For instance, we had several requests from organisations, such as mask manufacturers, that fell victim to DDoS attacks. Previously, these businesses did not even think about DDoS protection. The situation is improving as more businesses have managed to strengthen their cyber-defenses to mitigate this security weakness. As a result, less DDoS attacks have been effective in Q3. Nonetheless, attackers remain quite active, so we advise those who are yet to adopt appropriate measures not to put this issue on the back burner,” comments Alexey Kiselev, Business Development Manager on the Kaspersky DDoS Protection team.
To stay protected against DDoS attacks, Kaspersky experts offer the following recommendations:
• Maintain web resources operations by assigning specialists who understand how to respond to DDoS attacks.
• Validate third-party agreements and contact information, including those made with internet service providers. This helps teams quickly access agreements in case of an attack.
• Implement professional solutions to safeguard your organisation against DDoS attacks. For example, Kaspersky DDoS Protection combines Kaspersky’s extensive expertise in combating cyberthreats and the company’s unique in-house developments.