DDoS Attacks Increase by 151% in First Half Of 2020
Neustar, Inc., a global information services and technology company and leader in identity resolution, today released its latest cyberthreats and trends report which identifies significant shifts in distributed denial-of-service (DDoS) attack patterns in the first half of 2020. Neustar’s Security Operations Centre (SOC) saw a 151% increase in the number of DDoS attacks compared to the same period in 2019. These included the largest and longest attacks that Neustar has ever mitigated at 1.17 Terabits-per-second (Tbps) and 5 days and 18 hours respectively. These figures are representative of the growing number, volume and intensity of network-type cyberattacks as organisations shifted to remote operations and workers’ reliance on the internet increased.
This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20200916005046/en/
Figure 1: Percentage change in number of attacks by size category, 2020 vs. 2019 (Graphic: Business Wire)
Neustar’s role in providing navigation for internet requests (via its global UltraDNS network) and in detecting and mitigating threats (through its UltraDDoS Protect service) has given the company a front-row seat from which to observe macro cyberattack trends, as detailed in its CyberThreats and Trends Report: Jan-Jun 2020.
Largest and smallest DDoS attacks becoming increasingly intense and sophisticated
Large DDoS attacks are bigger, more intense, and happening in greater numbers than ever before. There has been a noticeable spike in large attacks across the industry, most notably the 2.3 Tbps attack targeting an Amazon Web Services client in February – the largest volumetric DDoS attack on record.
Neustar saw the total number of attacks increase by over two and a half times during January through June of 2020 compared to the same period in 2019. The increase was felt across all size categories, with the biggest growth happening at opposite ends of the scale – the number of attacks sized 100 Gbps and above grew a whopping 275% and the number of very small attacks, sized 5 Gbps and below, increased by more than 200%. Overall, small attacks sized 5 Gbps and below represented 70% of all attacks mitigated by Neustar between January and June of 2020.
“While large volumetric attacks capture attention and headlines, bad actors increasingly recognise the value of striking at low enough volume to bypass the traffic thresholds that would trigger mitigation to degrade performance or precision target vulnerable infrastructure like a VPN,” said Michael Kaczmarek, Neustar Vice President of Security Products. “These shifts put every organisation with an internet presence at risk of a DDoS attack – a threat that is particularly critical with global workforces reliant on VPNs for remote login. VPN servers are often left vulnerable, making it simple for cybercriminals to take an entire workforce offline with a targeted DDoS attack."
The rise in smaller DDoS attacks has been matched by increases in attack sophistication and intensity. 52% of threats mitigated by Neustar leveraged three vectors or more, with the number of attacks featuring a single vector essentially nonexistent. Neustar also tracked new amplification methods and attacks of higher intensity targeted at critical pieces of web infrastructure. The previous high-water mark of 500 millions-of-packets-per-second (Mpps) was topped this year, with an attack of over 800 Mpps recorded.
“The dependency and growth in online communications since COVID-19 has fundamentally changed what organisations must do to succeed,” said Brian McCann, President, Neustar Security Solutions. “There is no one-size-fits-all solution for security, but having a reliable cloud service that ensures availability and security for all services and users has proven to be a critical difference between barely surviving and thriving in this rapidly changing environment.”
Ongoing impact of COVID-19 on cyberthreats and industry web traffic
The precipitous rise in DDoS attacks mirrors the growth in internet traffic seen during the pandemic. Internet use is up between 50% and 70% and streaming media rose more than 12% in the first quarter of 2020.This has meant that attackers of all types, whether serious cybercriminals or bored teenagers stuck at home, have had more screen time to be disruptive.
In a study of one of the largest cybercrime sites by Cambridge University’s Cybercrime Centre, they found that the number of attacks enacted by the website went up sharply at the start of the pandemic and associated lockdown. They also found that instead of existing cybercriminals staging more attacks, it was new attackers driving the increase in DDoS attacks.
The corresponding attacks, like internet traffic, have not been evenly spread across all websites. It’s well known that ecommerce and gaming websites have received a lot of negative attention from hackers, but there are other industries that have been hit hard by cybercriminals over the last six months. Healthcare organisations contain sensitive patient information and a growing number of IoT devices that are easily exploited. Combined with the additional pressure of the pandemic, hospitals have become some of the most desirable targets for cybercriminals. Industries that have seen a lot of growth during the pandemic, like online gambling, have also been ripe for cyberthreats. Most notably, online video has seen an incredible rise in both usage and DDoS attacks. Omdia has reported an additional 200 billion hours of Netflix viewing or Zoom video calls over initial 2020 forecasts.Where traffic rises, so too do attacks; Neustar attack mitigations for this vertical increased by 461% over the last six months.
“While 2020 has brought radical changes in behaviour to consumers and criminals alike, it is naïve to assume that actions of either audience will revert completely to pre-pandemic norms after this crisis passes,” added Kaczmarek. “Mitigating these increasingly sophisticated DDoS attacks will continue to be a necessary part of doing business online. At a time when many organisations could do with less worry, fully managed services can take the pressure off and ensure critical digital assets are safe and secure.”
The report highlights several emerging attacker tactics seen across the industry, including an increase in burst and pulse DDoS attacks, broadening abuse of built-in network protocols such as ARMS, WS-DD, CoAP and Jenkins to launch DDoS amplification attacks that can be carried out with limited resources and cause significant disruptions, NXNS attacks targeting DNS servers, RangeAmp attacks targeting Content Delivery Networks (CDNs), and a resurgence of Marai-like malware capable of building large botnets through the exploitation of poorly secured IoT devices.
A complimentary copy of Neustar’s CyberThreats and Trends Report 1H 2020 is available here.
Neustar is an information services and technology company and a leader in identity resolution providing the data and technology that enables trusted connections between companies and people at the moments that matter most. Neustar offers industry-leading solutions in Marketing, Risk, Communications and Security that responsibly connect data on people, devices and locations, continuously corroborated through billions of transactions. Neustar serves more than 8,000 clients worldwide, including 60 of the Fortune 100. Learn how your company can benefit from the power of trusted connections here: https://www.home.neustar.
# # #
Hotwire for Neustar
About Business Wire
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
ESMO 2020: Cabometyx ® (cabozantinib) in Combination With Opdivo ® (nivolumab) Demonstrates Significant Survival Benefits in Patients With Advanced Renal Cell Carcinoma in Pivotal Phase III CheckMate -9ER Trial19.9.2020 18:30:00 CEST | Press release
Regulatory News: Ipsen (Euronext: IPN; ADR: IPSEY) today announced the first presentation of results from the pivotal Phase III CheckMate -9ER trial, in which Cabometyx® (cabozantinib) in combination with Bristol Myers Squibb’s Opdivo® (nivolumab) demonstrated significant improvements across all efficacy endpoints, including overall survival (OS), in previously untreated advanced renal cell carcinoma (RCC).1 Cabometyx® in combination with Opdivo® reduced the risk of death by 40% versus sunitinib (HR: 0.60 [98.89% Confidence Interval [CI]: 0.40–0.89]; p= 0.0010; median OS not reached in either arm). In patients receiving Cabometyx® in combination with Opdivo®, median progression-free survival (PFS), the trial’s primary endpoint, was doubled compared to those receiving sunitinib alone: 16.6 months versus 8.3 months respectively (Hazard Ratio [HR]: 0.51 [95% CI 0.41–0.64], p < 0.0001). In addition, Cabometyx® in combination with Opdivo® demonstrated a superior objective response rate, wit
Takeda Presents New Data Highlighting Scientific Advancements in Lung Cancer at ESMO Virtual Congress18.9.2020 12:55:00 CEST | Press release
Takeda Pharmaceutical Company Limited (TSE:4502/NYSE:TAK) (“Takeda”) today announced that the company is presenting data from its lung cancer portfolio at the virtual European Society for Medical Oncology (ESMO) conference. Notably, insights from sub-analyses of the Phase 3 ALTA 1L study reinforce both the compelling evidence of intracranial efficacy with ALUNBRIG® (brigatinib) as a first-line treatment for patients with anaplastic lymphoma kinase-positive (ALK+) non-small cell lung cancer (NSCLC) as well as associated quality of life (QoL) data. Takeda is also featuring updated 10-month follow-up results from the Phase 1/2 trial of mobocertinib (TAK-788), demonstrating mobocertinib achieved a duration of response (DoR) of more than one year in the trial’s study population of patients with epidermal growth factor receptor (EGFR) Exon20 insertion+ metastatic NSCLC (mNSCLC). “We’re pleased to present our ongoing research in lung cancer at this year’s virtual ESMO congress, including new
Incyte Announces Encouraging Results From Phase 2 Trial of Retifanlimab (INCMGA0012) in Patients With Previously Treated, Advanced Squamous Cell Carcinoma of the Anal Canal18.9.2020 12:00:00 CEST | Press release
Incyte (Nasdaq:INCY) today announced results from its Phase 2 POD1UM-202 trial evaluating retifanlimab, a PD-1 inhibitor, in previously treated patients with advanced squamous cell carcinoma of the anal canal (SCAC) who have progressed following standard platinum-based chemotherapy. The trial enrolled 94 patients, including those with well-controlled human immunodeficiency virus (HIV) infection (10%). Retifanlimab monotherapy resulted in a confirmed objective response rate (ORR) of 14% as determined by independent central review (ICR) using RECIST v1.1. Responses were observed regardless of PD-L1 status, presence of liver metastases, age or HIV+ status. Retifanlimab was generally well-tolerated with a safety profile as expected of a PD-1 inhibitor and no loss of HIV infection control. Key findings from POD1UM-202: N=94 ORR* (95% CI) 13.8% (7.6-22.5) Best OR*, n 1 CR 12 PR 33 SD DCR 48.9% DOR, median (95% CI), months 9.5 (5.6-NE) PFS, median (95% CI), months 2.3 (1.9-3.6) OS, median (95
Sigfox and Cube Infrastructure Managers Announce Major Partnership in IoT Infrastructure18.9.2020 09:30:00 CEST | Press release
Sigfox, the global 0G network1 and cloud provider for industrial data, is proud to announce a new strategic alliance with Cube Infrastructure Managers (Cube), through the sale of its German 0G network to Cube. Sigfox has grown its 0G IoT services by rolling out 0G networks across 72 countries and regions, which was largely achieved with partners called Sigfox Operators. These operators are the owners of the 0G networks, which they operate as exclusive connectivity providers of Sigfox IoT services, offering worldwide connectivity to customers. The sale of the German network to Cube will allow Sigfox to finance its continued innovation efforts in data value extraction and improvements in cloud algorithms to reduce energy consumption and allow the implementation of even more cost-effective devices and sensors. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20200918005116/en/ Cube Infrastructure Managers, the European infrastructu
Sensorion successfully raises approximately €31 (US$ 36.5) million in an oversubscribed private placement to US and European investors18.9.2020 08:00:00 CEST | Press release
Regulatory News: Not for release, publication or distribution, directly or indirectly, in or into the United States, Canada, Australia or Japan. This press release is not intended as an offer and is for informational purpose only Sensorion (Paris:ALSEN) (FR0012596468 – ALSEN – the “Company”) a pioneering clinical-stage biotechnology company which specializes in the development of novel therapies to restore, treat and prevent within the field of hearing loss disorders announces today the success of its previously announced capital increase. The Company has placed 18,236,000 new ordinary shares with a nominal value of €0.10 each (the “New Shares”), for total gross proceeds of approximately € 31 million by means of an accelerated bookbuild offering to the benefit of categories of persons (the “Reserved Offering”). The issue price of the New Shares is €1.70 per share, representing a 3.5% discount to the weighted average share price on the day preceding the date on which the issuance price
ESMO 2020: Phase II CLARINET FORTE Results Show Increasing Dose Frequencies of Somatuline ® Autogel ® (lanreotide) Allows Patients with NETs to Delay Treatment Escalation by up to 8.3 Months18.9.2020 07:00:00 CEST | Press release
Regulatory News: Ipsen (Euronext: IPN; ADR: IPSEY) today announced the release of first efficacy and safety data from the CLARINET FORTE study, with the abstract to be presented as a mini-oral presentation at the 2020 European Society for Medical Oncology (ESMO) Congress, taking place virtually from 19-21 September 2020. The prospective single-arm, open-label, exploratory, international Phase II study investigated the efficacy and safety of increasing the dose frequency of Somatuline® Autogel®(lanreotide) in patients with pancreatic or midgut NETs with centrally-assessed progression within the last two years while on a standard lanreotide regimen for ≥24 weeks. An extension of progression-free survival (PFS) rates and encouraging disease-control rates (DCR) were recorded in both tumor types, with no new safety signals. “These results support a clinically meaningful benefit to a population of patients with high unmet medical need by potentially delaying escalation to more toxic treatmen
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.Visit our pressroom