Small DDoS Attacks Are Increasing; VPNs Could Fall Victim Next During Epidemic

Reading time: 4 min
Share this Share on email Share on twitter Share on linkedin Share on facebook

While the COVID-19 is confining workers to home and keeping offices empty, cybercriminals and other bad actors have no compulsion in continuing their DDoS attacks. The only difference appears to be in the scale of attacks, which are slowly moving from large to small targets. On top of that, an increase in attacks aimed at VPN providers is expected.

DDoS attacks are a fact of life in the online world, and companies have to deal with them regularly. But the focus is shifting from large-scale attacks against single points of interest to a more distributed approach, driven mainly by DDoS-for-hire services. The current COVID-19 pandemic accelerates this trend, as more than a billion people are staying at home, with many of them still working.

Upgrades to the Internet infrastructure lead to faster Internet speeds, but they also allow more massive attacks. According to a report from Neustar, the most significant increase was in the 5-gigabit-per -(Gbps) and below category, which goes to show the granular approach of DDoS-for-hire services.

On the other hand, the biggest DDoS attack mitigated by Neustar in 2019 clocked in at 587 Gbps, which was 31% larger than the values registered in 2018. The same attack had an intensity of 343 million packets per second (Mpps). Even with this singular event showing a consistent increase, the average attack size remained the same, at 12 Gbps, and the same 3 Mpps intensity.

By far the biggest problem is represented by attacks of 5 Gbps or less, which account for 80% of all attacks mitigated by Neustar. The size is also consistent with what the rest of the industry is currently experiencing. Surprisingly, many DDoS attacks target the gaming industry, with simple users renting out bot networks to take down the Internet of other players during online matches.

Also, in the fourth quarter of 2019, 86 percent of all attacks mitigated by the company had at least two attack vectors, and 5% of all attacks came from four or more vectors.

There are very few situations when the DDoS attack doesn’t have a hidden motivation. Degrading the functionality of a website is not always the goal, and it can be used as a cover for other forms of cybercrime, such as data theft.

With more than a billion people at home and no clear end of the self-isolation in sight, a shift is expected, with attackers moving their focus to VPNs.

“Furthermore, with the current move of the bulk of the workforce globally to a work from home model, we expect to see a significant increase in DDoS attacks against VPN infrastructure. This risk makes an ‘always on’ DDoS mitigation service even more critical,” says Rodney Joffe, senior technologist and fellow at Neustar.

Companies need to be aware of the dangers that DDoS attacks pose in these trying times. It also falls into the Internet Service Providers’ (ISP) purview to mitigate these attacks by implementing solutions in their network hardware, allowing them to tackle the problem before it reaches users.