The COVID-19 pandemic isn’t the only thing we’ve been struggling with for the last six months. The new threat might even be worse since it’s a risk to our online safety, financial stability, and security.
Ever since the coronavirus pandemic, businesses have had to shift to remote work to stay afloat and keep working.
In turn, this caused a surge of cyberattacks. These attacks have been targeting pretty much everyone, focusing mostly on IT infrastructures and businesses. Throughout 2020 the number of these attacks and threats has been steadily growing, and they are not showing any signs of giving up.
Hacking activities have increased by over 600% in 2020 alone. But even with the effects of the pandemic slowly fading away, cyberattacks and threats are still growing in numbers.
A report by a leading cybersecurity provider in Europe, Link11, showed that the number of DDoS attacks has doubled during the first quarter of 2021 compared to Q1 of 2020.
With new trends, new threats, and new types of attacks being developed nearly every day, constant cyberthreats are becoming the new norm for our daily online lives.
In general, over the past two years, there has been an increase in all kinds of malicious activity online.
Phishing and spear-phishing scams increased by 12-60% in 2020.
The use of malware increased by a whopping 358% last year. And one of the biggest threats to businesses today, ransomware attacks, rose by 435% since 2019.
Even amid all this chaos, DDoS attacks are still the primary threat individuals, infrastructures, and businesses face today.
In 2020 DDoS activity has only escalated, amounting to a 542% increase. Despite several projections, these numbers continued increasing during the first quarter of 2021.
Furthermore, Link11’s report also stated that DDoS attacks have increased by 128% during the first quarter of this year compared to the same period last year.
Not only have the number of DDoS attacks increased but so have the tactics used to carry them out. As a result, cyberattacks are becoming more sophisticated, making them harder for individuals, organizations, governments, and businesses to foresee and dodge.
These issues are anticipated to become a bigger threat in post-COVID times.
The Evolution Of DDoS Attacks
There are numerous ways cybercriminals can attack you, and yet DDoS attacks remain one of their favorite tools. As DDoS activity steadily increases quarter after quarter, it seems highly likely that this trend will continue.
However, the use and application of DDoS attacks may be changing forever.
DDoS might not be used as a primary way to take down a business anymore. Experts speculate that DDoSing might become a tool to distract a target from other forms of attack, drain the target’s resources, or check the infrastructure for vulnerabilities.
A successfully repelled DDoS attack might not be good news anymore. Instead, it may mean that the real damage is being done elsewhere.
Bit-And-Piece Attacks Taking Place More Frequently
Even though most DDoS attacks are still growing in scale and using huge bandwidths to attack their targets, experts see more danger in Bit-and-Piece DDoS attacks.
Nexusguard reports that Bit-and-Piece attacks as small as 30 Mbps have increased by 570% in 2020.
These attacks are more subtle and work by injecting malicious traffic within the regular flow. This makes them harder to spot and tougher to deal with. Cybercriminals use this new method when attacking bigger targets, such as ISPs and CSPs.
The only known solution to this problem, so far, is to switch to threat detection using machine learning. This tactic can help identify malicious patterns early on. However, this is not a technique any business has the resources to switch to.
More Dynamic Attacks
Hackers are getting smarter and more innovative.
Several reports regarding cybersecurity show that during 2020 and 2021, 69% of DDoS attacks were multi-vector.
This trend gives the attackers greater success in taking down their target. This tactic can also be used to scan systems for possible vulnerabilities for later, different attacks.
There are sophisticated and well-known and accessible ways to fend off a run-of-the-mill DDoS attack. However, these multi-vector techniques can become seriously problematic.
More Persistent DDoS Attacks
The new trend of DDoS attacks also shows them sticking to targets, whether they are successful or not. The longest attempted attack lasted over 24h, and it happened this year.
The increase in attack times can allude to many things. The primary speculations seem to be that:
- DDoS attackers are persistent with their targets, with the hopes of an attack being successful over time.
- The attacks aim to increase recovery times, which can be twice, or even three times longer than the initial attack itself.
- This trend is also indicating that DDoS attacking is turning into a service. Attacks are running on autopilot for specific timeframes, depending on how long they were paid for.
- The high-bandwidth, long-term DDoS attacks may be used to pillage the targets’ resources and draw their attention away from other types of intrusions.
Everyone Is in Danger
You’ve probably heard about all the latest “big” hacks. McDonald’s, Colonial Pipeline, JBS, and others have all fallen victim to these attacks, and more will definitely follow.
However, these aren’t the primary targets of cyberattacks.
During the pandemic, most of the DDoS attacks have been targeting institutions that were in high demand. Those include educational, governmental, and healthcare-related institutions.
Numbers show that 47% of DDoS attacks are targeting hosting providers, data center operators, and ISPs, aiming to maximize damage by taking down principal IT infrastructures.
Despite what these statistics show, it seems that those reeling from the effects of DDoS attacks are small- and medium-scale businesses who had recently transitioned to remote work.
Unlike bigger targets, they do not have the resources to protect themselves against attacks that are becoming more and more sophisticated.
The reward of taking down a smaller business might not be as high as, say, taking down one of the major pipelines in the US. However, attackers don’t need to use as much effort or resources when attacking them.
Pandemic Turns From Medical To Digital
Most experts try to remain optimistic, stating that cyberthreats will decrease and get weaker as the months go by.
Others say DDoS attacks are becoming more complex and frequent.
The new tactics and techniques highlight the dawn of the latest age of cybercrime – one that is capitalizing on the pandemic but aiming to outlast it and become the new normal.
This new reality will be the factor that will drive companies to start creating new protection methods. Otherwise, we are all lambs to the cyber-slaughter.