DDoS attacks on rise due to COVID-19
The amount of distributed denial of service attacks (DDoS) rose at the beginning of this year primarily on education and municipal sites.
The overall number of distributed denial of service attacks (DDoS) grew during the first three months of this year, with a significant spike in attacks on educational and municipal sites, according to a Kaspersky report. Researchers attribute this growth to the COVID-19 pandemic as a majority of people are working from home and heavily reliant on digital resources.
The pandemic has caused almost all activities to shift online, and cyber attackers are stepping up to the challenge. They have leveraged the increased demand in online resources to conduct attacks on vital digital services as well as those growing in popularity.
For instance, the U.S. government’s Department of Health and Human Services, a group of hospitals in Paris and servers of an online game were all targets of DDoS attacks in February and March.
There was also notable growth in attacks on educational resources and official municipal websites. In Q1 2020, this number tripled compared to the same period in 2019, and the share of such attacks amounted to 19 percent of the total number of incidents in Q1 2020.
In general, DDoS attacks in Q1 2020 has increased. During this period, Kaspersky DDoS Protection detected and blocked double the amount of attacks than in Q4 2019, and 80% more in comparison with Q1 2019. The average duration of attacks also grew with Q1 2020 DDoS attacks lasting 25% longer than in Q1 2019.
“Outage of Internet services can be especially challenging for businesses now, because this is often the only way to make goods and services available to their customers,” said Alexey Kiselev, business development manager for Kaspersky DDoS Protection. “In addition, widespread adoption of remote working opens new vectors for those responsible for carrying out DDoS attacks. Previously most attacks were conducted against the public-facing resources of companies. We now see that DDoS attacks target internal infrastructure elements, for example, corporate VPN gateways or email servers.”
To help organizations protect themselves from DDoS attacks during this spike of activity while staff work from home, Kaspersky recommends the following measures
- Do not panic. Unexpected traffic peaks may look like a DDoS attack, but these instances can be caused by legitimate users. They can visit resources which were not as popular before at times they were not previously accessing them
- Conduct a fault tolerance analysis of your infrastructure to identify weak nodes and increase their reliability. Attack vectors and traffic peaks are changing, so some resources may work unstably.
- Consider DDoS protection for your non-public services. Their importance to business continuity may increase, making them a target for malefactors.