New analysis from F5 Labs has discovered a massive rise in DDoS and password login attacks during the pandemic.
In January, the number of all reported SIRT incidents was half the average reported in previous years. However, as lockdowns were put in place from March onwards, there was a sharp rise in incidents.
The attacks can be categorised into two buckets from January to August this year: Distributed Denial of Service (DDoS) attacks (45%) and password login attacks (43%) which comprised of brute force and credential stuffing attempts.
Other findings include:
- DDoS attacks surge 3x in March: DDoS made up only a tenth of reported incidents in January, but grew to three times that of all incidents in March.
- No ‘spring slump’ for DDoS: Typically, DDoS attacks see a ‘spring slump’, but these rose in April 2020. In fact, DDoS attacks targeting web apps increased six-fold from 4% in 2019 to 26% in 2020.
- Attacks are diversifying: The number of DDoS attacks reported to the SIRT and identified as DNS amplification attacks nearly doubled (31%) this year along with DNS Query Flood which is also on the rise.
- DDoS most popular in APAC with 83% of attacks: Meanwhile, EMEA saw the next highest with 54%.
- 67% of all SIRT-reported attacks on retailers in 2020 were passwords attacks: A rise of 27% on last year. This was to be expected as the pandemic has caused a huge shift from in-store sales to online
Full details can be found here: https://www.f5.com/labs/articles/threat-intelligence/how-cyber-attacks-changed-during-the-pandemic.