Data collected by F5 suggests that Distributed Denial-of-Service (DDoS) attacks became “larger and more complex” last year.
While the prevalence of DDoS attacks decreased slightly over the previous year, the severity of each occurrence “ramped up markedly” in 2021.
By Q4 2021, the mean DDoS attack was in excess of 21Gbps. That’s more than four times larger than the beginning of 2020.
Not only did last year result in a larger overall mean attack size; records for single attacks were set on multiple occasions.
“The volume of DDoS attacks has fluctuated by quarter, but the unmistakable trend is that these attacks are getting larger,” said David Warburton, Director of F5 Labs.
“While the peak size of attack remained steady throughout 2020, last year we saw it climb consistently. This includes Silverline DDoS Protection tackling several attacks that were successively the largest we had ever seen by an order of magnitude.”
A 500 Gbps attack was witnessed by F5 in February 2021 to set a new record. That was broken in November with a 1.4 Tbps attack—more than five times larger than the previous year’s record.
The most common (59%) type of attack remained volumetric; using publicly available tools and services to flood a network with more bandwidth than it can handle.
However, volumetric attacks declined slightly as protocol and application-type DDoS attacks increased. Application-type DDoS attacks increased by almost five percent year-on-year.
27 percent of DDoS attacks in 2021 used the TCP protocol, an increase from 17 percent the previous year. DNS query attacks also increased 3.5 percent year-on-year.
Some types of attacks declined in 2021. UDP fragmentation attacks decline 6.5 percent, LDAP reflection by 4.6 percent, and DNS reflection by 3.3 percent.
“Alongside changes in attack type, we continued to observe strong prevalence of multivectored attacks, including the 1.4 Tbps incident that utilised a combination of DNS reflection and HTTPS GETS,” added Warburton.
“This was particularly true at the start of the year, when multivectored attacks significantly outnumbered single-vector assaults. It illustrates the increasingly challenging landscape for threat protection, with defenders needing to employ more techniques in parallel to mitigate these more sophisticated attacks and prevent a denial of service.”
The BFSI (Banking, Financial Services, and Insurance) industry was the most targeted by DDoS attacks in 2021; suffering from more than a quarter of the total volume.
Interestingly, the technology sector – the most targeted in 2020 – fell into fourth place behind telecommunications and education.
The BFSI, technology, telecoms, and education industries were targeted by 75 percent of attacks in 2021. Industries like energy, retail, healthcare, transportation, and legal saw hardly any DDoS attacks directed at them.
“Although it is reasonable to question the efficacy of attacks that may only last for a few minutes, threat actors know that even a short interruption to a service can have significant consequences and adversely impact brand and reputation,” concludes Warburton.
Want to learn more about cybersecurity from industry leaders? Check out Cyber Security & Cloud Expo. The next events in the series will be held in Santa Clara on 11-12 May 2022, Amsterdam on 20-21 September 2022, and London on 1-2 December 2022.
Explore other upcoming enterprise technology events and webinars powered by TechForge here.
