Telia Carrier
has announced the findings of a new DDoS Threat Landscape Report,
with a unique perspective on today's cyber threats
from traffic data observed on its #1 ranked Internet backbone, AS1299. The report investigates changes in attack vector,
size and frequency, and reveals a staggering 50% increase in peak attack
traffic compared to 2019, with a jump to 1.18 Terabytes per Second (TBPS) or
887 Mega Packets Per Second (Mpps).
The "Telia Carrier 2021 DDoS Threat Landscape
Report", is a snapshot of Telia Carrier's monitoring
and mitigation efforts to protect customers across its extensive global
network. In 2020, Telia Carrier cleaned a staggering 57 Petabits or 14 tera
packets of malicious data. During the same period, the average size of a DDoS
attack was 19 Gbps (23 Mpps), with an average duration of 10 minutes.
Additional key findings from the
report include:
- Greater
incidence of high intensity attacks - With an
overall rise in available network capacity, cyber criminals are
increasingly targeting their victims with high intensity attacks, rather
than simply congesting client links.
- DNS and
NTP amplification attacks - These were the most common
attack vectors in 2020.
- Activity
peaks mirror COVID lockdowns - It was found that attack
traffic mirrored the main spring and autumn lockdowns that took place in
the US and Europe.
- Carpet
bombing is on the increase - A clear trend has been seen of
larger, co-ordinated attacks from multiple sources towards dynamically
changing hosts within a target network. Previously this attack type
was seen in severe, but isolated cases, but this activity is now more
consistent and sustained.
"The rise of carpet bombing as a
popular attack vector and a dramatic increase in peak attack traffic are two
important reasons why organizations need to move to automatic threat mitigation
techniques," said Jorg Dekker, Head of Internet Services at Telia Carrier. "The
volume and frequency continues to increase, and cyber criminals are using the
huge bandwidth available across the Internet to target their victims with speed
and ferocity from multiple launch points simultaneously. These dynamic and
unpredictable attacks are precision planned and automated, so customers must
fight fire with fire, by investing in auto-mitigation as they move away from
static traffic inspection and mitigation."
The full report can be downloaded here.