Fewer DDoS attacks in 2021

The total number of distributed denial of service (DDoS) attacks decreased by 13 percent in 2021 compared to 2020, but was still well above pre-pandemic levels, according to Nexusguard researchers in the recently released 2021 DDoS statistics report. While the average attack size decreased by 50 percent in 2021, the maximum attack size tripled by 297 percent over the same period. The top three DDoS attack vectors in 2021 were UDP (User Datagram Protocol) attacks, DNS (Domain Name System) attacks and TCP (Transmission Control Protocol) attacks.

The most common DDoS attacks

UDP attacks remained the most common form of DDoS attack, although their share declined this year from 59.9 percent in 2020 to 39.1 percent in 2021. UDP attacks can quickly overwhelm the defenses of unsuspecting targets and often serve as a cover to disguise other malicious activity, such as attempts to compromise personal data or the execution of malware or remote code. DNS attacks were the second most common, although they also make up a smaller proportion of overall attacks than 12 months ago, falling from 14.2 percent in 2020 to 10.4 percent in 2021. In a so-called DNS amplification attack, UDP packets with spoofed destination IP addresses are sent to a publicly accessible DNS server. Each UDP packet makes a request to a DNS resolver and often sends an "ANY" request to get a large number of responses. When attempting to respond, the DNS resolvers send a large response to the target's spoofed IP address. In this way, the target receives an enormous amount of responses from the surrounding network infrastructure, resulting in a DDoS attack.

Increasing number of ACK attacks

TCP acknowledgment (ACK) attacks, on the other hand, accounted for a larger share of total attacks year-on-year and became the third most common form of attack in 2022. In 2021, the proportion of TCP ACK attacks was 3.7 percent and then rose to 9.7 percent. In this type of attack, a large number of ACK packets with spoofed IP addresses are sent to the victim server, forcing it to process every ACK packet received, making the server unreachable for legitimate requests. "Although the number and average size of DDoS attacks have decreased in 2021 compared to 2020, the threat level is still very high when compared to pre-pandemic levels," said Juniman Kasman, Chief Technology Officer at Nexusguard. "Attack vectors are also in flux, as while UDP attacks are still the most common, TCP ACKs, which can exponentially amplify the impact of a DDoS event with a small amount of traffic, have increased significantly. Organizations need to be prepared to deal with a wide range of vectors - DDoS remains a persistent, heightened threat." Source: Nexusguard

This article originally appeared on m-q.ch - https://www.m-q.ch/de/weniger-ddos-angriffe-im-jahr-2021/