May 14, 2020
In March and April, we recorded the most significant increase in DDoS attacks ever. Compared with 2019 Q1, the number of attacks has increased by 542.46%, and QoQ increased by 278.17%. Q1 has historically been the “off-season” for DDoS attacks. While it is certainly an interesting deviation, we believe that the ongoing COVID-19 pandemic could be one major contributor.
| | 2019Q1 | 2019Q2 | 2019Q3 | 2019Q4 | 2020Q1 |
|---|---|---|---|---|---|
| Total Attack Count | 14,899 | 12,710 | 9,838 | 8,770 | 56,344 |
We are not alone. On March 15th, the US Department of Health and Human Services was hit by a DDoS attack and online services were impacted. On April 30th, the European Union’s High Representative, Josep Borrell, described cyber attacks on “critical infrastructures that are essential to managing this crisis” as particularly egregious in a press release, and he noted the proliferation of “malware distribution campaigns, scanning activities and distributed denial-of-service (DDoS) attacks” since the outbreak. Virtual private network (VPN) provider Atlas also recorded more than 175,000 DDoS attacks targeting the US in a month.
DDoS attacks have already become a global risk. The motives behind these attacks can be divided into three types. The first is political. The second is retaliation, most common during the economic downturn; the attacker can be a dismissed employee or someone dissatisfied with society or the government. The third, which is always active, is online crime and vicious competition between industries. When attacks driven by these three different motives are launched together, as they are today, the result is chaos.
One common question is why DDoS attacks are always part and parcel of any cyber attack event. The abundance of DDoS-for-hire services has made launching an attack possible, and even easy, for anyone. While hacking is risky, requires in-depth knowledge and leaves behind a hard-to-destroy digital trail, launching DDoS attacks via online services and websites that are completely unconnected provides a buffer between the mastermind and its minions. DDoS-for-hire is not a problem that can be solved by any one country. Hackers span the globe to establish these services and reduce the risk of arrest, aided by modern devices that are becoming more connected and powerful each day.
In addition to the impact and surrounding collateral damage that result from a victim being bombarded with DDoS attacks, the effects reach much further. When a large number of compromised home devices send out attack traffic as part of a botnet, a great burden is placed on the ISP, an unwilling participant, to maintain its quality of connectivity. During the ongoing COVID-19 pandemic, working from home has become the new standard and home internet connectivity has never been more important. DDoS attacks, whether outgoing or incoming, are a threat to this new working standard that no home user will be able to address.
Lastly, working from home presents new challenges for IT security. Implementing workplace IT security has always been a challenge, and it is even harder to expect best practices to be kept up at home. This leads to an increased risk of employee devices being infected and sucked into the vicious cycle.
Are our current security policies and practices apt for the new post-COVID-19 world? It seems like the situation will only get worse before we can hope to see it become better again. And in order to see that on the horizon again, we all have a part to play, and that starts with getting our own security strategies in order.