According to an analysis by Kaspersky, DDoS attacks were observed to be reducing in late-2020. One of the main reasons behind this drop is that cybercriminals are now repurposing their botnets towards cryptomining.
DDoS attack trends in Q4 2020
According to the researchers, a surge in cryptocurrency values is probably the key factor inspiring cybercriminals to use their botnets to mine cryptocurrencies.
In Q4, multiple schools in Sandwich and Tyngsboro (Mass.), Laurentian University in Canada, and Telenor Norway were targeted by DDoS attacks.
Cybercriminals employed the names of well-known APT groups to scare victims, and demanded ransoms in cryptocurrency along with demonstration attacks to back up their threats.
In addition, the perpetrators behind DDoS leveraged Citrix application delivery controller (ADC) devices to communicate with Datagram Transport Layer Security (DTLS) protocol enabled devices, eventually spoofing victims’ IP addresses.
The total volume of DDoS attacks was down by 31% in Q4.
However, the number of DDoS attacks was 10% higher than in the same period in the previous year.
The top countries targeted by DDoS attacks include China (44.49%), the US (23.57%), and Hong Kong (7.20%).
December 31 was the most active day for DDoS attacks, with 1,349 attacks.
What to expect in 2021?
Throughout 2021, a period of stability is expected with no major growth or decline, according to the researcher’s assessment. At present, the DDoS market is influenced by two opposite trends - people still rely on online resources for work and the other is a spike in cryptocurrency prices.
The cryptomining surge could be continued this year and it heavily depends on the cryptocurrency market. Therefore, experts suggest staying protected by using a CDN to protect websites. In addition, it is recommended to add filters to drop packets from identified sources of attack and timeout half-open connections.