Distributed Denial of Service (DDoS) attacks are surging in the UK, as cybercriminals take advantage of the Covid-19 epidemic.
According to a new study by cybersecurity firm Netscout, the number of DDoS attacks in the UK is up 62% year over year. The company recorded more than 248,000 attacks against targets in the UK between January 1 and May 31 of this year, up from 143,000 in the same period in 2019.
According to the study, "Through the end of January 2020, we observed constant growth in the overall DDoS attack rate as organizations continue to experience increased levels of malicious traffic."
In the study, the firm also analyzed the most common DDoS attack vectors and observed that the majority of attacks during this period were volumetric.
A DDoS attack is when hundreds or thousands of Internet-connected devices incessantly request information from a single website or server, paralyzing the responding server and making the website inaccessible.
Netscout says: "These attacks typically rely on relatively high packets per second (pps) and/or bits per second (bps) rates to overwhelm targeted servers, services, applications, and network capacity.
Attackers used so-called "carpet bombing" attack addressing techniques to target individual IP addresses as well as larger networks.
The most common attack vector is DNS reflection/amplification, which Netscout explains is unsurprising given the relatively large number of exploitable open DNS recursors that exist on the Internet today. [The average attack bandwidth in 2020 is about 1 GB/second, which may sound small, but Netscout claims that an attack of this magnitude is actually "operationally significant." Bandwidth increased by 56% to 260.59 TB/s.
The largest DDoS attack observed in the UK this year was 488 GB/sec, compared to 352 GB/sec in 2019, and was against telecommunications organizations. Finally, Netscout tracked the throughput of DDoS attacks and found a 47% increase in the UK.
"We are not even halfway through 2020, and the scale and impact of DDoS attacks is likely to continue to grow," the report concluded.
"Given that the largest attacks observed this year preceded the full-blown outbreak of the ongoing Covid-19 pandemic, and all the changes in online usage and behavior it brought about, it is difficult to see how organizations can expect DDoS attacks to have a significant impact on their online presence and assets. We are reminded that they are exposed to a fundamental and enduring risk of serious impact to their online presence and assets.
Comments