As online businesses are being shifted by the COVID-19, the DDoS attacks trend keeps spiking. September just brought to the table new massive waves of DDoS attacks, the largest we have mitigated in Voxility network in Q3.
The first event, a massive network layer attack (layer 3 and layer 4), it started at 09:59 UTC on September 3, targeting a Hosting Provider customer. The attack peaked at 1044 Gbps and it was made up of volumetric UDP flood (consisting of abnormal UDP large packets, DNS amplification, UDP packets without payload).
A second wave followed on September 4, peaking at 1033 Gbps with more than 600 different originating source IPs, accompanied subsequently by another two attacks of 798 Gbps and 745 Gbps within an hour. All incidents averaged in duration at around 15 minutes.
On September 5 we registered another UDP flood attack peaking at 854 Gbps for the same customer, with a length of 13 minutes.
DDoS Landscape in 2020 so far...
Working from home, online learning and increased video demand meant that some network operators had a target on their back throughout 2020. Unfortunately, contrasting reports about post-outbreak DDoS activity from the major DDoS industry players could mean that it will be some time before we can put the attacks of 2020 into an informative context that fits consistently with the statistical trends of recent years.
From a network operator perspective, Voxility has noticed that the total number of network-centered DDoS attacks nearly doubled during a typical day, with 43,940 daily incidents globally — a staggering increase, even considering the year-on-year rise in incidents.
Kaspersky, meanwhile, similarly observes that DDoS attacks doubled in the first three months of 2020 compared to the previous quarter, and were 80% higher than the same period in the preceding year, while Nokia reports 40% rise in larger-scale DDoS traffic between February and April 2020.
Reports vary across other, more consumer-facing providers. Website security companies contends that a small raft of ambitious, high-volume attacks in Q1 and Q2 are set against a background of more frequent, but lower-intensity attacks, compared to previous years.
Some of the largest network attacks registered in 2020 so far were a 550 Gbps assault reported by Cloudflare, a 406 Gbps attack reported by Link11 and a volumetric syn flood attack registered by Imperva in July, peaking at 398 Gbps.
Within this landscape, Q3 stands out on its own with DDoS attacks getting even bigger on the network side. Here are some other peaks registered by Voxility over the course of August:
DDoS protection is a core competency for Voxility network, we rely on huge Internet capacity to collect and filter DDoS of any type and any volume. Find out more on how we protect networks and their downstream customers from large DDoS attacks here: Voxility 1 Tbps+ Acclaimed DDoS Protection