The total number of DDoS (Distributed Denial-of-Service) attacks decreased by 38.8 per cent in the second quarter of 2021 as compared to Q2 2020, and by 6.5 per cent in comparison to the previous quarter in 2021, according to a report by cybersecurity firm Kaspersky.
In DDoS attacks, the hackers attempt to deny access to the rightful customers impacting transactions. They are meant to hinder a particular service for genuine users.
Hackers send a large number of requests to the target websites, far exceeding their capacity, impairing their ability to function normally.
According to the report, China topped the list in terms of the number of devices from which SSH attacks were carried out. SSH brute force attacks are often achieved by an attacker trying a common username and password across thousands of servers until they find a match.
Simultaneously, China continued to lose ground in terms of the total number of DDoS attacks (10.2 per cent). The US remains the leader (36 per cent) in this category for the second quarter in a row, while Poland and Brazil were the new entries in the top five.
Also read: Indian PC home users have a 28% chance of encountering cyber threats on their device: Report
Recently, scammers have been looking for ways to amplify DDoS attacks, Kaspersky said.
A visible trend is the exploitation of the TsuNAME vulnerability in Domain Name System (DNS) resolvers which is being leveraged to attack DNS servers.
“In particular, this led to interruptions in the work of Xbox Live, Microsoft Teams, OneDrive and other Microsoft cloud services. Internet service providers also fell victim to DDoS attacks,” the report said.
However, the overall situation in Q2 was relatively calm. On average, the number of DDoS attacks fluctuated between 500 and 800 per day. About 60 attacks were recorded on the day with the least activity. On the most intense day, attacks totaled 1164.
As mentioned before, US accounted for the maximum number of DDoS attacks (36 per cent). At the same time, China (10.2 per cent), which until this year was regularly in first place, continues to lose ground – its share has decreased by 6.3 per cent. Poland, a new entry in the list was third (6.3 per cent), whose share increased by 4.3 per cent. It was followed by Brazil with its share almost doubling, amounting to 6 per cent. Canada (5.2 per cent), which previously closed the top three, dropped to fifth place.
Also read: Remote work costs organisations heavily as data breaches shoot up
Kaspersky experts also analysed which countries had bots and malicious servers that attack IoT devices in order to expand botnets. Results show that the majority of devices that carried out attacks were in China (31.8 per cent), the US (12.5 per cent) took second place, and Germany (5.9 per cent) came in third.
“The second quarter of 2021 was calm, as we expected. There was a slight decrease in the total number of attacks compared to the previous quarter, which is typical for this period and is observed annually. We traditionally associate these numbers with the beginning of holidays and vacations. In the third quarter of 2021, we also do not see any prerequisites for a sharp rise or fall in the DDoS attack market. The market will also continue to be highly dependent on the rate of cryptocurrencies, which has remained consistently high for a long time,” said Alexey Kiselev, Business Development Manager on the Kaspersky DDoS Protection team.
Chris Connell, Managing Director, Kaspersky (APAC) said, “The decrease in the number of DDoS attacks is definitely a good sign, but it should not mean that the companies and enterprises can neglect the risks of falling prey to a DDoS attack and relax their security measures.”
“Businesses of all sizes today are at risk of a DDoS attack and it is imperative for them to develop a denial of service response plan in advance which will prepare them against an actual attack on their network. Developing an incident response plan is the first and the most critical step to be taken while executing a robust defense strategy,” said Connell.
Chris added, “Depending on the infrastructure, a response plan can be quite exhaustive, however the right security measures in place, and a thorough training with the employees can be a major help to businesses in their constant fight against such attacks.”