DDoS Statistical Report for 2021

In 2021, the total attack count and average attack size both fell by 13.32% and 50.00% respectively compared to the figures registered in 2020. Compared to 2020, the maximum attack size increased by 296.62%, with the maximum attack size clocking in at 699.20 Gbps. Besides, ASN-level Communications Service Providers (CSPs) around the world, especially ISPs, continue to be impacted by the stealthy, sophisticated bit-and-piece attacks, which are carried out by drip-feeding doses of junk traffic into a large IP pool. Within each IP space, the junk traffic is small enough to bypass traditional threshold-based detection, but is big enough to clog the target when the bits and pieces are accumulated from different IPs.

• Types of Attack Vectors: In 2021, UDP and DNS Amplification Attacks were the predominant two attack types, contributing 39.06% and 10.43% respectively, while TCP ACK Attacks ranked third at 9.70%.
• Attacks by Category: Volumetric (Direct Flood) attacks, contributing 79.33% of the total attacks recorded in 2021, increased by 8.73% YoY, while Volumetric (Amplification) attacks, contributing 17.65%, decreased by 12.18% YoY.
  
• Attack Size Distribution: Of the attacks recorded in 2021, 86.68% were smaller than 1Gbps. 7.88% ranged between 1Gbps - 10Gbps, and 5.44% were larger than 10Gbps.
• Multi-Vector Attack Combinations: The most commonly used multi-vector attack combination recorded in 2021 was “CLDAP Reflection Attack coupled with UDP Fragmentation Attack”, contributing 6.82%.