The second quarter Kaspersky DDoS attacks report for 2020 has revealed that the number of such attacks during the quarter increased three-fold in comparison to the second quarter of 2019. The figure is almost the same as the number of DDoS attacks in the first quarter of 2020.
Kaspersky experts believe the rise in malicious activity can be attributed to the impact of COVID-19, as both cybercriminals and their targets have had to reconsider their holiday plans.
The pandemic – and subsequent social distancing restrictions – have significantly changed people’s lives. In particular, many people feel concerned about travelling or are simply unable to do so. So, many are either spending their days off in “staycation” mode or have cancelled their scheduled holidays. And this change in vacation plans has had unexpected consequences – including an increased number of DDoS attacks.
The number of attacks Kaspersky DDoS Protection detected and blocked in the second quarter of 2020 is 217% higher than in the same period of 2019. Also, the number of attacks in the second quarter of 2020 slightly increased in comparison to the first quarter of this year.
These results contradict the annual trends that Kaspersky researchers usually find. Normally, the number of DDoS attacks varies depending on the season. The beginning of the year usually sees a higher amount of DDoS, as it is a peak season for business, and in late Spring and Summer (for the northern hemisphere) the number of attacks begin to decrease. For example, the number of attacks in the second quarter of Q2 2019 fell by 39% compared to figures for the first quarter of 2019, and in 2018 the difference between the two quarters was 34%.
The difference between Q1 and Q2 through 2018-2020. Q1 of each year is taken as 100%
This trend is reflected in the number of commands received by bots from C&C servers, which were intercepted and analysed by the Kaspersky DDoS Intelligence system. Broadly, the average number of attacks registered daily in the second quarter increased by almost 30% compared to what happened in the first quarter. Also, the biggest number of attacks per day was almost 300 in the second quarter of (registered on April 9), while in the first quarter of 2020 the record was 242 attacks.
“This year, people have not been able to enjoy a normal holiday season as many regions have kept COVID-19 lockdown measures in place. This has left more people than usual still depending on online resources for both personal and work-related activities, making this a busy period for online businesses and information resources. As a result, we saw unprecedented activity in the DDoS market. And so far, there is no reason to predict a decline,” comments Alexey Kiselev, Business Development Manager on the Kaspersky DDoS Protection team.
To help organisations protect themselves from DDoS attacks during the vacation season, Kaspersky recommends the following measures:
- Maintain web resources operations by assigning specialists who understand how to respond to DDoS attacks. They must also be prepared to respond out-of-hours, during evenings and weekends
- Validate third-party agreements and contact information – including those made with Internet service providers. This helps teams quickly access agreements in case of an attack
- Implementing professional solutions will safeguard an organisation from DDoS attacks. For example, Kaspersky DDoS Protection combines Kaspersky’s extensive expertise in combating cyberthreats and the company’s unique in-house developments.