In terms of straight numbers, there were fewer distributed denial-of-service (DDoS) attacks in 2021, and the average size of attacks also dropped. But the fact that there were 13% fewer DDoS attacks in 2021 over the previous year is not a lot to cheer about when cybersecurity teams are still grappling with attack volumes far above pre-pandemic levels, according to new research.

Nexusguard analysts say that in 2021 the top DDoS attack vectors were user datagram protocol (UDP) attacks, domain name system (DNS) amplification attacks, and transmission control protocol protocol acknowledgement (ACK) attacks.

Notably, ACK attacks are on the rise, accounting for 9.7% of DDoS attacks in 2021, up from 3.7% in 2020. Numbers for DNS and UDP DDoS attacks were still high enough to keep them in the top two, but both accounted for a smaller percentage of attacks compared with 2020, according to Nexusguard.

While the average attack size fell by 50% over 2021, the maximum attack size nearly tripled, so really large attacks are still a problem.

"Attack vectors are also in flux, because while UDP attacks are still the most common, TCP ACK, which can exponentially amplify the effect of a DDoS event with a small amount of traffic, rose significantly," Juniman Kasman, chief technology officer of Nexusguard, said about the new DDoS research.