NetScout has revealed findings from its bi-annual Threat Intelligence Report, punctuated by a record-setting 10,089,687 Distributed Denial of Service (DDoS) attacks observed during 2020. Cybercriminals exploited vulnerabilities exposed by massive internet usage shifts since many users were no longer protected by enterprise-grade security. Attackers paid particular attention to vital pandemic industries such as e-commerce, streaming services, online learning, and healthcare generating a 20 per cent year-over-year increase in attack frequency over 2019 plus a 22 per cent increase in the last six months of 2020.
In August, a threat actor NetScout dubbed Lazarus Bear Armada (LBA) launched one of the most sustained and extensive DDoS extortion campaigns yet seen, taking down the New Zealand stock exchange and targeting organisations involved in Covid-19 testing and vaccine development.
According to NetScout’s Worldwide Infrastructure Security Report (WISR), which helps inform the Threat Intelligence Report findings, the number of enterprise respondents reporting DDoS extortion attacks increased by 125 per cent. Overloaded firewalls and virtual private network (VPN) concentrators, crucial technologies used during the pandemic lockdown, contributed to the outages in 83 per cent of the enterprises that suffered DDoS attacks. This finding represents a 21 per cent increase over 2019 figures.
“Cybercriminals set multiple records in 2020, taking advantage of the shift towards remote work across the globe,” stated Richard Hummel, threat intelligence lead, NetScout. “The second half of last year witnessed a huge upsurge in DDoS attacks, brute-forcing of access credentials, and malware targeting internet-connected devices. As the Covid-19 pandemic continues, it will be imperative for security professionals to remain vigilant to protect critical infrastructure.”
Other key findings from the report include: