DDoS attacks in Q1 2020: average bandwidth of attacks increasing
- Published: Tuesday, 21 April 2020 09:28
Link11 has released its Q1 2020 DDoS Report, revealing that the volume and complexity of attacks continued to grow in the first quarter of 2020.
Link11’s Security Operations Center (LSOC) registered an increasing number of high-volume attacks in Q1 2020, with 51 attacks over 50 Gbps. The average bandwidth of attacks also rose, reaching 5.0 Gbps versus 4.3 Gbps in the same quarter in 2019.
Key findings of Link11’s Q1 2020 report include:
- Maximum bandwidth nearly doubles: in Q1 2020, the maximum bandwidth nearly doubled in comparison to the previous year; the biggest attack stopped was 406 Gbps. In Q1 2019 the maximum bandwidth peaked at 224 Gbps.
- Complex multi-vector attacks rising: the share of multi-vector attacks rose to 64 percent in Q1 2020 up from 47 percent in Q1 2019. 66 percent of all multi-vector attacks combined 2 – 3 vectors. More importantly, there were 19 attacks that used 10 or more different DDoS vectors, compared to no reported attacks of this scale in 2019.
- Most frequently misused DDoS vectors: the most frequently used DDoS vectors in Q1 2020 were DNS Reflection, CLDAP, NTP and WS-Discovery.
- DDoS attackers increasingly abuse public cloud services: nearly the half of all DDoS attacks (47 percent) in Q1 2020 used public cloud server-based botnets, compared to 31 percent in the previous year
- APIs and applications under attack: as companies build new applications and services from multiple sources using APIs, they are becoming increasingly vulnerable to Layer 7 attacks, which are typically ‘low and slow’ compared to network layer attacks.