Distributed denial-of-service (DDoS) attacks rose substantially last year following the digital shift brought about by COVID-19, according to figures released by NETSCOUT.
The cybersecurity company’s ATLAS Security Engineering and Response Team (ASERT) revealed it observed over 10 million attacks of this nature in 2020, which is around 1.6 million higher than in 2019.
While acknowledging that it is normal for DDoS attacks to increase, the rate of growth suggests that cyber-criminals have sought to exploit the growth of internet use and home working during the COVID-19 pandemic. The analysis found that attack frequency was up 20% across the whole of 2020, but excluding the pre-pandemic months of January, February and most of March, attack frequency grew by 22% year-on-year.
NETSCOUT added that it recorded the largest single number of monthly DDoS attacks it had ever seen in May 2020, at 929,000, with monthly rates regularly exceeding 800,000 from March.
Essential sectors forced to shift to digital during the crisis, such as e-commerce, online learning and healthcare, were particularly heavily targeted by cyber-criminals, according to the analysis. For instance, a 25% increase in DDoS activity in education networks worldwide was observed by ASERT.
Richard Hummel, threat intelligence lead at NETSCOUT, commented: “It is no coincidence that this milestone number of global attacks comes at a time when businesses have relied so heavily on online services to survive. Threat actors have focused their efforts on targeting crucial online platforms and services such as healthcare, education, financial services and e-commerce that we all rely on in our daily lives. As the COVID-19 pandemic continues to present challenges to businesses and societies around the world, it is imperative that defenders and security professionals remain vigilant to protect the critical infrastructure that connects and enables the modern world.”
NETSCOUT added that it expects threat actors to continue targeting vulnerabilities exposed by the pandemic in 2021, as well as using new attack vectors to try and take advantage of weak points of the growing reliance on digital technologies.