Radware's quarterly “DDoS Attack Report” shows that the volume of DDoS attacks (Distributed Denial of Service) worldwide rose 40 percent in the second quarter compared to the same period last year has increased.
Attack volume and number differ strongly
The focus was primarily on technology companies with an average of almost 3,000 attacks per company, followed by healthcare with around 2,000 attacks per company. However, the attack volumes in these two industries were relatively small, while retail and telecommunications had to defend themselves against a significantly lower number of attacks, which in turn had significantly higher volumes. Only about 6 percent of all attacks were directed against telecommunications companies, which made up 18 percent of the total volume. Retail was faced with around 9 percent of the attacks, but 36 percent of the attack volume. The health sector, on the other hand, had a volume of less than one percent in over 20 percent of the attacks.
Geographically, the attacks were mainly spread across America and the EMEA region, which accounted for 80 percent of the volume.
2.3 TB per Month per company
On average, according to the report, each company had to detect and block almost 5,000 malicious events and a volume of 2.3 TB per month in the second quarter of 2021. In the second quarter of 2021, the average number of malicious events blocked per company increased by more than 30 percent and the average blocked volume per company increased by more than 40 percent compared to the second quarter of 2020.
Here, too, the geographical differences can be seen, because in the first half of 2021 a company in North and South America or in EMEA had to fend off twice as much volume on average as a company in the Asia-Pacific region (APAC).
Financial sector badly affected, authorities hardly any
After technology and healthcare, the financial sector was the sector most affected by DDoS attacks in the second quarter (1,350 attacks per company), followed by retail, communications and telecommunications (between 600 and 1,000 attacks per company). The gambling industry averaged more than 400 attacks, while government and utility companies averaged only about 280. In terms of blocked volume, the retail sector was hardest hit in the second quarter, followed by gaming, telecommunications and technology.
Heavy burst attacks were recorded
In particular, burst attacks against technology and financial companies were particularly large in the second quarter, according to Radware. These hit-and-run DDoS attacks use repetitive, short, high-volume bursts. An attack experienced multiple, consistent 80 Gbps bursts that lasted two to three minutes and repeated every four minutes. This resulted in 12 attack bursts with 80 Gbit/s within a 45-minute time frame.
Gaps are exploited faster and faster
In addition, the time window between the discovery and the use of new vulnerabilities is getting smaller and smaller. “In some cases we have observed that less than 24 hours elapse between the release of a patch by a manufacturer and the attempt to exploit the vulnerability,” explains Pascal Geenens, Director of Threat Intelligence at Radware.
Data comes from own devices
The data for the report is based on a sample of Radware devices that are in Radware's cloud scrubbing centers, as well as on locally managed devices in Radware's Hybrid and Peak Protection Services. Radware is a global provider of application delivery and cybersecurity services for virtual, cloud-based and software-defined data centers, competing with solutions from Akamai and Cloudfare, for example.