In the third quarter of 2020, the number of DDoS attacks decreased from the previous quarter, according to data from
Kaspersky DDoS
Protection. Analysis of commands received from command and control
servers also demonstrated this decline. However, despite the overall
stabilization of the DDoS market during the year, the quarter still saw a
year-on-year rise, and the year's highest number of attacks in a single
day, totaling 323.
Lockdown
measures increased users' reliance on online services, so in the first
two quarters of the year there was a spike of DDoS attacks aimed at
disrupting their work. Educational and administrative resources were hit particularly heavily. However, Q3 results showed that DDoS activity is returning to normal.
In
Q3 2020, Kaspersky DDoS Protection detected 73% fewer attacks than in
the previous quarter. However, compared to the same period in 2019, this
figure has seen a one-and-a-half-times year-on-year increase. This
means that the decline observed during Q3 can mostly be explained by the
abnormal rise of attacks in the second quarter.
The
analysis of commands received by bots from command and control servers
also revealed a drop in DDoS attacks. On average, 106 attacks per day
were carried out in Q3, while there were 10 more per day in the previous
quarter. Nevertheless, while things have been quieter - there were
three days where only one attack was registered - some days still saw
high DDoS activity. The most noticeable was July 2, which saw a
record-breaking 323 attacks, the highest number for the whole of 2020.
The previous peak was 298 attacks, registered back in April.
"Many
companies were not prepared for remote working or didn't consider their
web assets as critical," said Alexey Kiselev, Business Development
Manager on the Kaspersky DDoS Protection team. "For instance, we had
several requests from organizations, such as mask manufacturers, that
fell victim to DDoS attacks. Previously, these businesses did not even
think about DDoS protection. The situation is improving as more
businesses have managed to strengthen their cyber-defenses to mitigate
this security weakness. As a result, fewer DDoS attacks have been
effective in Q3. Nonetheless, attackers remain quite active, so we
advise those who are yet to adopt appropriate measures not to put this
issue on the back burner."
To stay protected against DDoS attacks, Kaspersky experts offer the following recommendations:
- Maintain web resources operations by assigning specialists who understand how to respond to DDoS attacks.
- Validate
third-party agreements and contact information, including those made
with internet service providers. This helps teams quickly access
agreements in case of an attack.
- Implement professional solutions to safeguard your organization against DDoS attacks. For example, Kaspersky DDoS Protection combines Kaspersky's extensive expertise in combating cyberthreats and the company's unique in-house developments.
Read the full report on Securelist.