According to IT security provider Link11, the number of DDoS attacks reached a new high in the first half of 2021. The increase compared to the same period last year, with its DDoS boom and a doubling of attacks, was another 33%. This is according to the new network statistics from the Link11 Security Operations Center (LSOC).

Attack figures have been rising for months

According to the statistics, the number and severity of DDoS attacks have once again skyrocketed since the beginning of the year: LSOC recorded 19% more attacks in Q2 2021 than in the previous quarter. This means that the already high level of threat posed by this type of attack has intensified once again. According to the network analysis, high-volume attacks of several 100 Gbps are also becoming increasingly commonplace.

Current key figures from Link11's DDoS defense for the first half of 2021:

• Further growth in attack figures H1/2020 vs. H1/2021: + 33%
• Rising number of DDoS attacks Q1 vs. Q2 2021: + 19%
• Maximum attack bandwidth: 555 Gbps
• Increase in attack bandwidth H1/2020 vs. H1/2021: + 37 %
• Number of high-volume attacks > 100 Gbps in H1/2021: 28

The threat situation in the first three months of 2021 was characterized by DDoS attacks on web services that ensured life, learning and work under pandemic conditions. These included vaccination platforms, learning portals and IT infrastructures for mobile working from home. In many cases, hosting providers and ISPs, which made the express digitalization of the economy and society possible in the first place, came under fire.

Targeted DDoS blackmail on the rise

The Link11 Security Operations Centers, or LSOC for short.

© Link11

Since the beginning of 2021, repeated and ever-increasing waves of DDoS blackmail have also created a tense threat situation. Ransom emails with changing senders such as Fancy Bear, Lazarus Group or currently Fancy Lazarus have been and continue to be targeted at companies with increasing frequency. Instead of proceeding indiscriminately, the ransom demands now vary depending on the size of the company and the sector of the victim. In fact, companies from a wide range of sectors (including finance, e-commerce, media and logistics) are currently affected. An end to the current wave in the current third quarter is not yet in sight, warns the LSOC.

According to the IT security experts, the intensity and aggressiveness of the blackmail has increased noticeably. According to the company, the extent exceeds the many cybercriminal DDoS activities that have been observed in recent years when protecting numerous customers. Every day, more companies are reporting that they are unable to withstand the warning attacks, are experiencing serious outages and are seeking protection via short-term emergency integrations. Business interruptions, production losses, the loss of data and the lengthy restoration of systems are otherwise sometimes the result.

Marc Wilczek, Managing Director of Link11, comments on the current situation: "In an increasingly networked world, the availability and integrity of IT systems are business-critical and are becoming a basic requirement. The dynamic development of the situation in the first half of 2021 shows that companies are continuously exposed to DDoS attacks and that these have reached a new level of frequency and complexity. Due to increasingly sophisticated attack techniques, many security tools are reaching their limits. Maximum precision and speed in detecting and defending against attacks are more in demand than ever before."

Underestimated risk of DDoS attacks

Although the authorities have considered the threat of DDoS attacks to be persistently high since the beginning of the year and security providers have repeatedly issued warnings, many companies are surprised and unprepared when they fall victim to such attacks. In many cases, they are virtually defenceless against targeted overload attacks. This makes the company's IT vulnerable and brings operational processes to a standstill. An ad hoc implementation of specialized protection solutions remains as a means of acute damage limitation. From an economic and legal perspective, however, it makes more sense to focus on sustainable prevention rather than reaction.

The threat situation is likely to continue over the next few months, with more and more attacks and new attempts at blackmail. The LSOC recommends further tightening up your own protective measures, not responding to the blackmail under any circumstances, but if necessary calling in external specialists to defend against DDoS attacks.

According to documents from Link11