According to an analysis by Kaspersky, DDoS attacks were observed to be reducing in late-2020. One of the main reasons behind this drop is that cybercriminals are now repurposing their botnets towards cryptomining.

DDoS attack trends in Q4 2020

According to the researchers, a surge in cryptocurrency values is probably the key factor inspiring cybercriminals to use their botnets to mine cryptocurrencies.
  • In Q4, multiple schools in Sandwich and Tyngsboro (Mass.), Laurentian University in Canada, and Telenor Norway were targeted by DDoS attacks.
  • Cybercriminals employed the names of well-known APT groups to scare victims, and demanded ransoms in cryptocurrency along with demonstration attacks to back up their threats.
  • In addition, the perpetrators behind DDoS leveraged Citrix application delivery controller (ADC) devices to communicate with Datagram Transport Layer Security (DTLS) protocol enabled devices, eventually spoofing victims’ IP addresses.

Interesting statistics

  • The total volume of DDoS attacks was down by 31% in Q4.
  • However, the number of DDoS attacks was 10% higher than in the same period in the previous year.
  • The top countries targeted by DDoS attacks include China (44.49%), the US (23.57%), and Hong Kong (7.20%).
  • December 31 was the most active day for DDoS attacks, with 1,349 attacks.

What to expect in 2021?

Throughout 2021, a period of stability is expected with no major growth or decline, according to the researcher’s assessment. At present, the DDoS market is influenced by two opposite trends - people still rely on online resources for work and the other is a spike in cryptocurrency prices.


The cryptomining surge could be continued this year and it heavily depends on the cryptocurrency market. Therefore, experts suggest staying protected by using a CDN to protect websites. In addition, it is recommended to add filters to drop packets from identified sources of attack and timeout half-open connections.

Cyware Publisher