How DDoS activity has evolved this year

It's Time to Change Your Perception of the Cybersecurity Professional

November 10, 2020

Although DDoS as a threat vector may have been overshadowed in the media as a result of several high-profile ransomware operations this year, instances of DDoS attacks show little sign of slowing down as a common tool for malicious actors.

According to new Digital Shadows research, 2020 saw the largest DDoS attack on record, peaking at rate of 2.3 terabytes per second and causing three days of downtime for the targeted business. The attack was carried out deploying hijacked CLDAP (Connection-less Lightweight Directory Access Protocol) web servers and caused three days of downtime for the unnamed targeted business. This event further proves how threat actors are refining their DDoS techniques to create a product more threatening than ever.

In 2020, for instance, Digital Shadows observed many attacks against the healthcare industry, with the most notable one being the March 2020 denial-of-service attack against the U.S. Health and Human Services Department operated by an unknown threat actor in a pivotal moment amid the virus outbreak.

After the killing of George Floyd, advocacy groups, government websites, such as those belonging to the police and the military, were subjected to the most significant number of attempted DDoS attacks.

Cybercriminal forums are filled with rentable botnets, so it’s even possible for those without technical know-how to execute powerful DDoS attacks. This market evolution, along with other factors, has ensured that the attacker’s DDoS playbook continues to expand in tandem with attempts to mitigate the threat of such attacks.

In its research, Digital Shadows describes three main trends for this year that will persist well into 2021.

Leveraging IoT.
Leasing DDoSaaS Solutions.
DDoS extortion.

Digital Shadows highlights how organizations can effectively mitigate DDoS attacks, which have such a low barrier to entry and a range of easily-accessible resources to aid attackers. Given the variety of organizations targeted – ranging from advocacy groups to governments to stock exchanges and private companies – researchers offer a broad strategic mitigation plan that any organization can leverage to protect itself, including:

For tips, and more details about the trends, please visit https://www.digitalshadows.com/blog-and-research/the-evolution-of-ddos-activity-in-2020/

Maria Henriquez joined Security Magazine in 2019 as its Associate Editor. Since then, she has been covering the security industry and reporting on issues affecting enterprise security leaders, to include cybersecurity, leadership and management, risk and resilience and more. Within her role at Security, she works to produce stories for the monthly issue, Newswire articles, Web Exclusive features, as well as manage social media, the 5 minutes with series, and the Today’s Cybersecurity Leader and Security enewsletter. She graduated from the University of Illinois at Urbana-Champaign with a bachelor’s in English and Creative Writing.

Protecting employees from potential exposure could be a daunting task, but with the right property technology, your office space can become an interactive and responsive asset that helps you ensure new health protocol compliance.

Join Resolver as we discuss practical strategies to help shift the security mindset in your organization. We’ll look at real examples of how industry-leading security teams have optimized their processes to provide more impactful reporting that not only enabled them to prove the value of corporate security to the organization, but also their increased departmental budget.