Multi-vector DDoS attacks on the rise, attackers indiscriminate and persistent
Comcast Business published results from a report which provides an overview of the distributed denial of service (DDoS) attack landscape, trends experienced by its customers and insights for measuring and mitigating risks. The report found that multi-vector DDoS attacks targeting Layers 3, 4, and 7 simultaneously represent a 47 percent increase from the record number set in 2020.
“DDoS attacks, when they occur, can be costly and difficult to defend. The risk of losing network, server and application availability is higher than ever,” said Shena Seneca Tharnish, VP, Cybersecurity Products, Comcast Business.
“With threat actors constantly innovating, organizations must stay vigilant to help protect their infrastructure from bad actors determined to cause financial and reputational damage.”
The report indicates that 2021 was another record year for DDoS attacks, as Comcast Business DDoS Mitigation Services identified and helped defend 24,845 multi-vector attacks targeting Layers 3,4, and 7 simultaneously. Overall, 69 percent of customers experienced DDoS attacks, a 41 percent increase over 2020, while 55 percent were targets of mulit-vector attacks, as opposed to in 2020 where most customers experienced single vector attacks.
The data also shows that DDoS attackers were indiscriminate and persistent as no verticals were spared and everyone was fair game – from tow truck drivers to churches, government, utilities, IT companies, online gambling sites, and manufacturing operations. However, the healthcare and education sectors remain favorite targets.
Seventy-three percent of all multi-vector attacks targeted the education, finance, government and healthcare sectors, likely due to vulnerabilities brought on by the COVID-19 pandemic. Threat actors also used industry-specific seasonal trends and activities to guide attacks and maximize impact.
Attacks on education customers followed the cadence of a typical school year, starting strong in January before taking a significant dip over the summer when schools were out, while the financial sector experienced a 3X uptick in attacks during November and December compared to the rest of the year.
Other key findings on multi-vector DDoS attacks
- Attacks on information technology customers grew steadily, ending the year at 10X the January numbers.
- 98 percent of all multi-vector attacks were under 5 Gbps, as bad actors often strike at low volumes to avoid detection, degrade site performance and map out network vulnerabilities for reconnaissance.
- 69 percent of all multi-vector attacks lasted under 10 minutes, as short duration attacks are harder to detect and give IT organizations less time to respond, quickly overwhelming defenses.
- The number of vectors deployed in a single multi-vector attack increased from five to 15, while the number of amplification protocols used in multi-vector attacks increased from three to nine.
- 99 percent of customers experienced repeat attacks, while the largest and most severe attack was delivered at a rate of 242 Gbps.