Number of DDoS Attacks Decreases, But Become More Dangerous
Enterprises are being highly targeted with sophisticated DDoS attacks. Critical payloads are being reached faster.
The Link11 Security Operations Center (LSOC) has reported a decline in DDoS attacks for the first time for H1 2022. The total number of attacks are down by more than three-quarters compared to the record DDoS year of 2021, according to the DDoS Report. “Over the past two years, several large DDoS extortion waves have been one of the strongest drivers of criminal DDoS activity,” said Marc Wilczek, managing director at Link11, commenting on the decline. “Even though attack numbers increased significantly again in July, we have seen fewer ransomware DDoS attacks so far. Furthermore, the world’s largest darknet marketplace was shut down in the spring, and with it, one of the gathering points of criminal energy was slowed down.”
The attacks, however, are becoming more dangerous, according to LSOC. Rather than attacking businesses indiscriminately, companies are now being targeted very specifically with sophisticated DDoS attacks. In addition, the attacks recorded during the period under review are significantly shorter, more intense and more sophisticated.
Dangerous turbo attacks
For the first time, DDoS attacks recorded in the Link11 network were analyzed in terms of how many seconds must pass after the transmission of the first bytes before the traffic reaches its maximum value. In the first half of 2022, a critical payload was reached on average just 55 seconds after the onset of the DDoS attack. In comparison, attacks in 2021 peaked only after an average of 184 seconds. “These turbo attacks are extremely dangerous. They peak very quickly instead of rising continuously. Such DDoS attacks are able to cripple network systems even before defenses can take full effect,” Wilczek explains.
Attacks are more specific, more targeted and more sophisticated
The trend toward high-bandwidth DDoS attacks also continues unabated. Average maximum attack bandwidths have continued to increase year-on-year from 266 Gbps in the first half of 2021 to 325 Gbps in the first half of 2022. The largest DDoS attack recorded on the Link11 network was stopped at 574 Gbps. The correlation between the duration and intensity of DDoS attacks also shows: Attacks are shorter and more intense at the same time. The more specific, targeted and sophisticated attacks are, the more precision and speed are required to detect and defend against them. This means that time is becoming an increasingly essential factor in dealing with DDoS attacks.