DDoS Attacks Slow in Q3, But Still Y-O-Y Rise
The sudden surge of work from home was the result of lockdown. This resulted in users’ reliance on online services, which is why the first two quarters of the year saw a spike of DDoS attacks aimed at disrupting their work. Even educational and administrative resources were hit badly. But according to Kaspersky DDoS Protection data, the number of DDoS attacks decreased in the third quarter of 2020 (73 percent less attacks than the previous quarter). It showed that the DDoS attack is returning to normal. However despite the overall stabilization of the DDoS market during the year, the quarter still saw a year-on-year increase (one and a half times year-on-year increase). Despite the decrease, it recorded the highest number of single day totaling 323.
The analysis of commands received by bots from command and control servers also revealed a drop in DDoS attacks. In Q3, around 106 attacks per day averaged per day, while there were 10 more in the previous quarter. However, July 2 saw a record-breaking 323 attacks, the highest number for the whole of 2020, while the peak for 2019 was 298 attacks registered in April.
Despite the overall stabilization of the DDoS market during the year, the quarter still saw a year-on-year increase
“Many companies were not prepared for remote working or didn’t consider their web assets as critical. For instance, we had several requests from organizations, such as mask manufacturers, that fell victim to DDoS attacks. Previously, these businesses did not even think about DDoS protection. The situation is improving as more businesses have managed to strengthen their cyber-defenses to mitigate this security weakness. As a result, less DDoS attacks have been effective in Q3. Nonetheless, attackers remain quite active, so we advise those who are yet to adopt appropriate measures not to put this issue on the back burner,” comments Alexey Kiselev, Business Development Manager on the Kaspersky DDoS Protection team.
In its report, Kaspersky experts recommends to maintain web resources operations by assigning specialists who understand how to respond to DDoS attacks. They also recommend to validate third-party agreements and contact information, including those made with ISPs, which will help in quick review of agreements during an attack.