September 26, 2022

Share this article on:

A new report from Comcast Business indicates 2021 was another record-breaking year for Distributed Denial of Service (DDoS) attacks. 9.84 million DDoS attacks were reported in 2021, which is a 14% increase from 2019, although slightly lower than the previous year when 10.1 million attacks were reported.

The slight decline in attacks was due to several factors. 2020 was a particularly bad year as it was a full lockdown year where employees were working remotely and students were learning from home, which provided attackers with a unique landscape against which to launch an unprecedented number of DDoS attacks, and the high prices of cryptocurrencies in 2021 meant many threat actors diverted their botnets from conducting DDoS attacks to mining cryptocurrencies.

DDoS attackers spared no one in 2021; however, 73% of attacks were conducted on just four sectors – healthcare, government, finance, and education. Attackers followed seasonal trends and activities throughout the year, with education being attacked to coincide with the school year, and COVID-19 and vaccine availability drove DDoS attacks on the healthcare industry.

Multi-vector attacks increased by 47% in 2021. Comcast Business DDoS Mitigation Services defended customers against 24,845 multi-vector attacks targeting layers 3, 4, & 7 (Network, Transport & Application) simultaneously. 69% of Comcast Business clients were victims of DDoS attacks in 2021, a 41% increase from 2020, and 55% of Comcast Business customers experienced multi-vector attacks targeting layers, 3, 4, & 7 simultaneously. There was also a major increase in the number of vectors used in multi-vector attacks, increasing from 5 in 2020 to 15 in 2021, with the amplification protocols in the attacks increasing from 3 to 9.

DDoS attacks flood victims’ networks with traffic to render them unusable, and while attacks are often conducted just for that reason, it is common for DDoS attacks to be conducted to distract organizations and consume resources while the attackers engage in other nefarious activities. There is a strong link between DDoS attacks and data breaches. According to a Neustar survey, almost half of organizations (47%) that suffered a DDoS attack discovered a virus on their networks after the attack, 44% said malware was activated, 33% reported a network breach, 32% reported customer data theft, 15% suffered a ransomware attack, and 11% were victims of financial theft.

The most severe attack in 2021 was a 242 Gbps DDoS attack, which would be sufficient to saturate even high bandwidth Ethernet Dedicated Internet (EDI) circuits within minutes. The magnitude of attacks has increased and a trend has been identified where threat actors conduct low-volume attacks to stay under the radar of IT teams and cause damage on multiple levels. This tactic can degrade website performance, yet the attacks are often not detected by IT teams, who only discover they have been targeted when they start receiving complaints from customers.

DDoS attacks are cheap to perform, costing just a few dollars, although for a few hundred dollars massive attacks can be conducted that can cripple businesses. DDoS attacks can be incredibly costly for businesses. The attacks can prevent businesses from reaching their customers and meeting SLAs, and the attacks can result in devastating financial and reputational damage. In some cases, the damage is so severe that businesses have been forced to permanently close. For businesses that depend on availability, every minute of downtime can cause hundreds of thousands or even millions of dollars in losses.

“Even if you are a small business and think you are at a lower risk, you could be in the supply chain for a larger organization,” said explained Comcast Business in the report. “You can be sure that your business partners are watching their threat risk factors and are increasingly concerned about doing business with companies that are not.”