{"id":3288,"date":"2020-08-07T13:26:30","date_gmt":"2020-08-07T11:26:30","guid":{"rendered":"https:\/\/10guards.com\/?p=3288"},"modified":"2020-08-13T16:05:26","modified_gmt":"2020-08-13T14:05:26","slug":"ddos-attacks-doubled-in-q2-2020","status":"publish","type":"post","link":"https:\/\/10guards.com\/en\/blog\/2020\/08\/07\/ddos-attacks-doubled-in-q2-2020\/","title":{"rendered":"DDoS Attacks Doubled in Q2 2020"},"content":{"rendered":"<p>2020 is a real game-changer &#8211; an epidemic, unemployment, a new way of life, and mass transition to online \u2013 that is what 2020 brought us. While we all continue to adapt to the new reality and think about the future, cybercriminals seem to take to it like a duck to water. Only in May, the number of leaks <a href=\"https:\/\/10guards.com\/en\/articles\/data-breaches-and-cyber-attacks-in-may-2020-up-to-9-billion-records\/\" target=\"_blank\" rel=\"noopener noreferrer\">almost reached 9 billion records<\/a>.<\/p>\n<p>&nbsp;<\/p>\n<p>Today we will talk about the largest DDoS attacks in the first six months of 2020 and about companies that hackers have shifted their focus to during the pandemic.<\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"color: #afcf60;\"><a style=\"color: #afcf60;\" href=\"https:\/\/en.wikipedia.org\/wiki\/Denial-of-service_attack\" target=\"_blank\" rel=\"noopener noreferrer\">The Denial of Service (DDoS)<\/a> <\/span>attack aims to disable a website by sending thousands of requests per second to overload the website server and cause it to fail.<\/p>\n<p>&nbsp;<\/p>\n<blockquote><p><span style=\"color: #afcf60;\">DDoS attacks increased by 542% between the fourth quarter of 2019 and the first quarter of 2020. Their number doubled in the second quarter. At the same time, the number of small attacks continues to increase, while large attacks are becoming more and more widespread. Vivek Ganti and Omer Yoachimik wrote about this on the <a style=\"color: #afcf60;\" href=\"https:\/\/blog.cloudflare.com\" target=\"_blank\" rel=\"noopener noreferrer\">Cloudflare blog<\/a>.<\/span><\/p><\/blockquote>\n<p>&nbsp;<\/p>\n<p>Moreover, the authors claim that the second quarter recorded the largest DDoS attacks ever.<\/p>\n<p>&nbsp;<\/p>\n<p>As for duration, 83% of all attacks lasted from 30 to 60 minutes. A similar trend observed in the first quarter: 79% of attacks had the same range.<\/p>\n<div class=\"infogram-embed\" data-id=\"7e3c321f-1675-4e35-8b36-f36f0a6cc345\" data-type=\"interactive\" data-title=\"Copy: Copy: DDoS attack duration 2020_ENG\"><\/div>\n<p><script>!function(e,i,n,s){var t=\"InfogramEmbeds\",d=e.getElementsByTagName(\"script\")[0];if(window[t]&&window[t].initialized)window[t].process&&window[t].process();else if(!e.getElementById(n)){var o=e.createElement(\"script\");o.async=1,o.id=n,o.src=\"https:\/\/e.infogram.com\/js\/dist\/embed-loader-min.js\",d.parentNode.insertBefore(o,d)}}(document,0,\"infogram-async\");<\/script><\/p>\n<div style=\"padding: 8px 0; font-family: Arial!important; font-size: 13px!important; line-height: 15px!important; text-align: center; border-top: 1px solid #dadada; margin: 0 30px;\"><a style=\"color: #989898!important; text-decoration: none!important;\" href=\"https:\/\/infogram.com\/7e3c321f-1675-4e35-8b36-f36f0a6cc345\" target=\"_blank\" rel=\"noopener noreferrer\">Copy: Copy: DDoS attack duration 2020_ENG<\/a><br \/>\n<a style=\"color: #989898!important; text-decoration: none!important;\" href=\"https:\/\/infogram.com\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Infogram<\/a><\/div>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>These may not seem significant, but imagine that this is a cyber-battle lasting 30 to 60 minutes between your cybersecurity team and the hacker.\u00a0 Now the attack doesn&#8217;t look so painless and short.<\/p>\n<p>&nbsp;<\/p>\n<p>Besides, if even a short DDoS attack causes a failure or deterioration in system maintenance, you can spend a lot of time restoring, rebooting your devices, and restarting services. At the same time, you lose income and reputation every minute.<\/p>\n<p>&nbsp;<\/p>\n<blockquote><p><span style=\"color: #afcf60;\">POETIC JUSTICE<\/span><\/p><\/blockquote>\n<p>&nbsp;<\/p>\n<p>The American company Cloudflare, which provides <a href=\"https:\/\/en.wikipedia.org\/wiki\/Content_delivery_network\">CDN<\/a> services, protection against DDoS attacks, as well as secure access to resources and <a href=\"https:\/\/en.wikipedia.org\/wiki\/Name_server\">DNS<\/a> servers, <a href=\"https:\/\/blog.cloudflare.com\/mitigating-a-754-million-pps-ddos-attack-automatically\/\" target=\"_blank\" rel=\"noopener noreferrer\">has recently been attacked<\/a>.<\/p>\n<p>&nbsp;<\/p>\n<p>It all started on June 18 and lasted four days. At the peak, the DDoS-attack reached a speed of 754 million packets per second. Traffic forwarded from more than 316,000 different IP addresses to one Cloudflare IP address, which mainly used for sites that provide a free plan to customers.<\/p>\n<p>&nbsp;<\/p>\n<p>The company said that the attackers tried (and failed) to overload routers and data center devices with high packet transfer rates (754 million \/ s).<\/p>\n<p>&nbsp;<\/p>\n<p>If you visualize this attack, the packet stream is a swarm of millions of mosquitoes that need to be killed one by one.<\/p>\n<p>&nbsp;<\/p>\n<p>Cloudflare claims to have been able to handle the incident without much trouble. According to some reports, this could have been a diversionary tactic from large-scale data theft or a test before future attacks.<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<blockquote><p>Another company that provides Internet security services has caught in the crossfire of cybercriminals. On June 21, Akamai extinguished <a href=\"https:\/\/blogs.akamai.com\/2020\/06\/largest-ever-recorded-packet-per-secondbased-ddos-attack-mitigated-by-akamai.html\" target=\"_blank\" rel=\"noopener noreferrer\">the largest DDoS attack of the PPS type<\/a> (packet per second) previously recorded on the platform.<\/p><\/blockquote>\n<p>&nbsp;<\/p>\n<p>The cyberattack generated 809 million packets per second and targeted a major European bank.\u00a0 PPS attacks mainly designed to overload network equipment and systems in the data center or cloud infrastructure.<\/p>\n<p>&nbsp;<\/p>\n<p>Unlike DDoS attacks, which disrupt Internet resources, they exhaust hardware resources. Curiously, the growth of source IP addresses was explosive &#8211; the cyberattack took off from ordinary traffic levels to 418 Gbps almost instantly. Then it reached a peak of 809 million packets per second in about two minutes.<\/p>\n<p>&nbsp;<\/p>\n<p>Akamai notes that the vast majority of the attack traffic originated from unknown IP addresses, which indicates the emergence of a botnet. Before that, the record traffic volume of a PPs attack was only 293.1 million packets per second, which is 2.7 times less than the incident with Akamai.<\/p>\n<p>&nbsp;<\/p>\n<blockquote><p>Amazon AWS Shield also extinguished a 2.3 Tb\/s DDoS attack.<\/p><\/blockquote>\n<p>&nbsp;<\/p>\n<p>We don&#8217;t know which client suffered from the cyberattack. The AWS Shield Threat Landscape Report only mentions that DDoS was organized using compromised CLDAP web servers. The attack lasted three days.<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<blockquote><p><span style=\"color: #afcf60;\">TIDBIT<\/span><\/p><\/blockquote>\n<p>&nbsp;<\/p>\n<p>As COVID-19 came into our lives, we began to use delivery services, educational platforms, game servers, remote communication platforms, and medical resources more often. No wonder that hackers have shifted their focus to these businesses.<\/p>\n<p>&nbsp;<\/p>\n<p>Cybercriminals especially fascinated by the medical sector. In March, cybercriminals attempted to block the work of the U.S. Government Department of Health and Human Services (HHS), and the hospital network in Paris Assistance Publique &#8211; H\u00f4pitaux de Paris (APHP), which consists of 44 institutions.<\/p>\n<p>&nbsp;<\/p>\n<p>We recently wrote about the unhealthy love of hackers for the World Health Organization as well as for the hospitals and research centers that have suffered from cyberattacks.<\/p>\n<p>&nbsp;<\/p>\n<blockquote><p>Several European food delivery services experienced DDoS attacks. The German Takeaway.com (<a href=\"https:\/\/www.lieferando.de\/\">Lieferando.de<\/a>) was attacked during the peak of orders on their website.<\/p><\/blockquote>\n<p><span class=\"alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-3296\" title=\"Tweet Takeaway\" src=\"https:\/\/10guards.com\/wp-content\/uploads\/Tweet1.png\" alt=\"Tweet about DDoS attack on Takeaway food delivery\" width=\"950\" height=\"755\" srcset=\"https:\/\/10guards.com\/wp-content\/uploads\/Tweet1.png 755w, https:\/\/10guards.com\/wp-content\/uploads\/Tweet1-300x238.png 300w\" sizes=\"auto, (max-width: 950px) 100vw, 950px\" \/><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>The company could take orders but not process them. Hackers demanded two bitcoins to stop the attack.<\/p>\n<p>&nbsp;<\/p>\n<p>According to the CEO of the company, no one paid the ransom. This situation caused a lot of damage to Lieferando due to the size of its delivery network &#8211; more than 15 thousand restaurants in Germany.<\/p>\n<p>&nbsp;<\/p>\n<p>The consequences affected customers, restaurant owners, and the reputation of the service. Lieferando had to compensate users for the orders they had paid for, but that failed to deliver.<\/p>\n<p>&nbsp;<\/p>\n<blockquote><p>A similar story happened to the Dutch delivery service <a href=\"https:\/\/www.thuisbezorgd.nl\/en\/\">Thuisbezorgd<\/a>.<\/p><\/blockquote>\n<p>&nbsp;<\/p>\n<p>Cybercriminals also paid attention to the education platforms.\u00a0 In March, the German online platform <a href=\"https:\/\/www.mebis.bayern.de\/\">Mebis<\/a> was affected by a DDoS attack.<\/p>\n<p>&nbsp;<\/p>\n<p><span class=\"alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-3297\" title=\"Tweet Mebis\" src=\"https:\/\/10guards.com\/wp-content\/uploads\/Tweet2.jpg\" alt=\"Tweet about DDoS attack on Mebis\" width=\"950\" height=\"953\" srcset=\"https:\/\/10guards.com\/wp-content\/uploads\/Tweet2.jpg 728w, https:\/\/10guards.com\/wp-content\/uploads\/Tweet2-300x300.jpg 300w, https:\/\/10guards.com\/wp-content\/uploads\/Tweet2-150x150.jpg 150w\" sizes=\"auto, (max-width: 950px) 100vw, 950px\" \/><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>When the online classes started, the website was down for a couple of hours. Probably it was a joke of some Bavarian student, who wasn&#8217;t very enthusiastic about studying.<\/p>\n<p>&nbsp;<\/p>\n<blockquote><p>Those who liked to play had to get nervous too. The multiplayer game EVE Online was under the pressure of DDOS attack for nine days. Also, the gaming platform Blizzard had similar issues, and in January,<\/p><\/blockquote>\n<p><span class=\"alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-3298\" title=\"Tweet Blizzard gaming platform\" src=\"https:\/\/10guards.com\/wp-content\/uploads\/Tweet3.png\" alt=\"Tweet about DDoS attack on Blizzard gaming platform\" width=\"950\" height=\"413\" srcset=\"https:\/\/10guards.com\/wp-content\/uploads\/Tweet3.png 559w, https:\/\/10guards.com\/wp-content\/uploads\/Tweet3-300x130.png 300w\" sizes=\"auto, (max-width: 950px) 100vw, 950px\" \/><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>Wargaming servers were undergoing a prolonged DDoS attack too.<\/p>\n<p>&nbsp;<\/p>\n<blockquote><p>The servers of the government agencies were also affected.<\/p><\/blockquote>\n<p>&nbsp;<\/p>\n<p>For example, in Greece, the websites of ministries, emergency services, and even the police were out of order. The U.S. voter registration site was also affected by the attack. Hackers used the technique of pseudo-random attack on subdomains (PRSD), requests were made for at least one month with an interval of about two hours, the frequency reached a peak of about 200 thousand DNS-requests.<\/p>\n<p>&nbsp;<\/p>\n<p>By the way, the largest DDoS attack known took place in February 2018. The target of this attack was GitHub &#8211; a popular online service for code management, which is used by millions of developers. At the peak of the attack was recorded incoming traffic at 1.3 terabytes per second (Tbps) and sending packets at 126.9 million per second.<\/p>\n<p>&nbsp;<\/p>\n<p><strong>\u00a0Source: <a href=\"https:\/\/habr.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">\u0425\u0430\u0431\u0440<\/a><\/strong><\/p>","protected":false},"excerpt":{"rendered":"<p>2020 is a real game-changer &#8211; an epidemic, unemployment, a new way of life, and mass transition to online \u2013 that is what 2020 brought us. While we all continue to adapt to the new reality and think about the future, cybercriminals seem to take to it like a duck to water. Only in May, [&hellip;]<\/p>\n","protected":false},"author":7,"featured_media":3266,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[],"class_list":["post-3288","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-articles"],"aioseo_notices":[],"jetpack_featured_media_url":"https:\/\/10guards.com\/wp-content\/uploads\/ddos-attack_DDoS-2.png","_links":{"self":[{"href":"https:\/\/10guards.com\/en\/wp-json\/wp\/v2\/posts\/3288","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/10guards.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/10guards.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/10guards.com\/en\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/10guards.com\/en\/wp-json\/wp\/v2\/comments?post=3288"}],"version-history":[{"count":21,"href":"https:\/\/10guards.com\/en\/wp-json\/wp\/v2\/posts\/3288\/revisions"}],"predecessor-version":[{"id":3325,"href":"https:\/\/10guards.com\/en\/wp-json\/wp\/v2\/posts\/3288\/revisions\/3325"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/10guards.com\/en\/wp-json\/wp\/v2\/media\/3266"}],"wp:attachment":[{"href":"https:\/\/10guards.com\/en\/wp-json\/wp\/v2\/media?parent=3288"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/10guards.com\/en\/wp-json\/wp\/v2\/categories?post=3288"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/10guards.com\/en\/wp-json\/wp\/v2\/tags?post=3288"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}