Kaspersky Finds Fewer DDoS Attacks and Small Geographic Shifts in Q2 2021Kaspersky Finds Fewer DDoS Attacks and Small Geographic Shifts in Q2 2021
Kaspersky found the total number of DDoS attacks decreased by 38.8% compared to Q2 2020, and by 6.5% in comparison to the previous quarter in 2021.
July 28, 2021
Woburn, MA — July 28, 2021 — In the second quarter of 2021, Kaspersky found the total number of DDoS attacks decreased by 38.8% compared to Q2 2020, and by 6.5% in comparison to the previous quarter in 2021. China became the leader in the number of devices from which SSH attacks were carried out. China also continued to lose ground in terms of the total number of DDoS attacks (10.2%). The U.S. remains the leader (36%) in this category for the second quarter in a row, while Poland and Brazil are new entries in the top five.
Recently, scammers have been looking for ways to amplify DDoS attacks and have been successful as the number of attacks through the Session Traversal Utilities for NAT (STUN) protocol has increased. Another visible trend is the exploitation of the TsuNAME vulnerability in DNS resolvers to attack DNS servers. In particular, this led to interruptions in the work of Xbox Live, Microsoft Teams, OneDrive and other Microsoft cloud services. Internet service providers also fell victim to DDoS attacks.
The overall situation in Q2 was relatively calm. On average, the number of DDoS attacks fluctuated between 500 and 800 per day. On the quietest day, only 60 attacks were recorded, and on the most intense, this reached 1,164.
The geography of DDoS attacks has also changed slightly. The U.S. once again became the leader for the amount of DDoS attacks (36%). At the same time, China (10.2%), which until this year was regularly in first place, continues to lose ground with shares decreasing by 6.3%. Third place was taken by a newcomer to the rating, Poland (6.3%), whose share increased by 4.3%. Brazil took fourth place, their share almost doubled amounting to 6%. Canada (5.2%), which previously closed the top three, dropped to fifth place.
Kaspersky experts also analyzed which countries had bots and malicious servers that attack IoT devices in order to expand botnets. Results show that the majority of devices that carried out attacks were in China (31.8%), the United States (12.5%) took second place, and Germany (5.9%) came in third.
“The second quarter of 2021 was calm, as we expected. There was a slight decrease in the total number of attacks compared to the previous quarter, which is typical for this period and is observed annually,” comments Alexey Kiselev, business development manager on the Kaspersky DDoS Protection team. “We traditionally associate these numbers with the beginning of holidays and vacations. In the third quarter of 2021, we also do not see any prerequisites for a sharp rise or fall in the DDoS attack market. The market will also continue to be highly dependent on the rate of cryptocurrencies, which has remained consistently high for a long time.”
More information about the report can be found via this link.
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
The State of Supply Chain Threats
What Ransomware Groups Look for in Enterprise Victims
How to Use Threat Intelligence to Mitigate Third-Party Risk
Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware
How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment