DDoS attacks in the third quarter rose 24% and became more sophisticated


Compared to the third quarter of 2020, the total number of Distributed Denial of Service (DDoS) attacks increased by almost 24%, while the total number of smart attacks (advanced DDoS attacks that are often targeted) increased by 31% compared to the same period last year. Some of the most important targets were pandemic tools, government organizations, game developers and well-known cybersecurity publications.

DDoS, or Distributed Denial of Service, attacks aim to flood a network server with service requests so that the server crashes – denying users access. This can cause major disruptions for organizations and businesses. Such attacks can last for minutes or even days. So-called “smart” DDoS attacks go a step further. These attacks are more sophisticated and often targeted, and can be used not only to disrupt services, but also to disable certain resources or steal money. Both types of attacks were on the rise in the third quarter of 2021.

Compared to the third quarter of 2020, the total number of DDoS attacks increased by almost 24%, and the total number of “smart” attacks by 31%. Both types of attacks also increased compared to the second quarter of 2021, with the largest percentage of attacked resources (40.8%) located in the United States, followed by Hong Kong and mainland China. In fact, in August, Kaspersky recorded a record number of DDoS attacks in a single day: 8,825.

Comparative number of DDoS attacks, second and third quarters of 2021, and third quarter of 2020. Data for the third quarter of 2020 are taken as 100%

Some of the most significant, major DDoS attacks during the last quarter included a new, powerful botnet called Mēris, which is capable of sending a huge number of requests per second. This botnet was noticed in the attacks on the two most famous cybersecurity publications – Krebs on Security and InfoSecurity Magazine.

Other significant DDoS trends in the third quarter included a series of politically motivated attacks in Europe and Asia, as well as attacks on game developers. In addition, the attackers targeted resources to fight the pandemic in several countries, and there were a number of ransomware attacks on telecommunications providers in Canada, the United States and the United Kingdom. The attackers introduced themselves as members of the notorious ransomware group REvil and shut down company servers to force them to pay a ransom.

Kaspersky researchers also noticed a very unusual DDoS attack at a state university that lasted several days. Although attacks on educational institutions are not uncommon, this one was particularly sophisticated. The attackers targeted the online accounts of the candidates for the state faculty, and chose the vector of the attack, which made the resource completely inaccessible. The attack continued even after the filtering started, which is a rarity.

“Over the last few years, we’ve seen how cryptocurrency groups and DDoS attacks competes for resources, as many botnets used for DDoS attacks can be used for cryptocurrency. Although we previously noticed a decline in DDoS attacks as the cryptocurrency gained in value, we can now notice a redistribution of resources. DDoS resources are in demand, and attacks are cost-effective. We expect the number of DDoS attacks to continue to increase in the fourth quarter, especially since, historically, the number of DDoS attacks has always been particularly high at the end of the year, ” commented Alexander Gutnikov, a security expert at Kaspersky.

Learn more about DDoS attacks in the third quarter of 2021 at Securelist.

To protect yourself from DDoS attacks, Kaspersky experts recommend the following:

  • Maintain web resource operations by hiring experts who understand how to respond to DDoS attacks.
  • Validate contracts with third parties as well as contact information, including those concluded with internet service providers. This helps teams access contracts quickly in the event of an attack.
  • Implement professional solutions to protect your organization from DDoS attacks. For example, Kaspersky DDoS Protection combines Kaspersky’s extensive expertise in combating cyber threats and the company’s unique internal solutions.
  • It is important to know your traffic. A good option is to use network and application monitoring tools to identify trends and tendencies. By understanding the typical traffic patterns and characteristics of your company, you can establish a basis for easier identification of unusual activities that indicate a DDoS attack.
  • Have a restrictive defensive Plan B ready. Be in a position to quickly re-establish services that are critical to your business in the event of a DDoS attack.


Source: Personal magazin by feedproxy.google.com.

*The article has been translated based on the content of Personal magazin by feedproxy.google.com. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!

*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.

*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!