23 September 2021
Global DDoS attacks within Azure surge
It is safe to say that the increased Internet activity associated with the COVID-19 pandemic has caused a large wave of DDoS attacks on Azure infrastructure around the world. Microsoft experts recorded a 25% increase in attacks between Q4 2020 and the first half of 2021. In addition, attacks have increased significantly in volume and complexity. This trend will continue, thanks to the growing popularity of IoT devices and the strong interest in blockchain technologies.
Unprecedented Increase in Activity
Today it's hard to imagine a world without digital services. Reliance on cloud computing is growing, and these services are important in every field, from healthcare and education to the financial and public sectors. Cybercriminals know this, and they are steadily increasing the number of assaults using ransomware. In May, following a DDoS attack on Internet service provider Belnet, the websites of more than 200 organizations were shut down. Among them were Belgian government agencies, as well as educational and research centers.
The Azure DDoS Protection team tries to cope with the growing threat without too many consequences. During the busiest period, they neutralized an average of 1,392 attacks per day. The record was set on May 24, 2021, when the team repelled 2,043 attacks. The total number of unique attacks on the global infrastructure of Microsoft Azure in the first 6 months of 2021 was 251,944. Although the maximum throughput of attacks on Azure resources in 2021 was lower than in 2020, the average attack size increased by 30%. As in the previous year, short attacks dominated the first quarter of 2021: 76% of attacks lasted 30 minutes or less.
Features of DDoS Attacks in 2021
DDoS operators keep improving their methods. One example is the recycling of IP addresses to launch short serial attacks. In addition, the number of bulk attacks using the Transmission Control Protocol (TCP) has increased, accounting for 54% of the total. In contrast, attacks using the User Datagram Protocol (UDP) decreased to 39%, of which 11% were amplified UDP attacks. More advanced methods allow attackers to target different companies from the world's richest countries with impunity. Take a look at the top 5 regions most popular with hackers:
- United States - 59%,
- Europe - 19%,
- East Asia - 6%,
- United Arab Emirates - 4%,
- United Kingdom - 3%.
These are the richest countries, where large financial structures and popular gaming hubs are concentrated. Massive TCP flood attacks have targeted financial institutions that rely heavily on TCP. Earlier this year, the epicenter of the attacks was the United Arab Emirates. Public and private organizations from the oil and gas sector were attacked, as were several financial institutions.
Cyber threats are only getting stronger. DDoS is changing and becoming more and more dangerous. For any company, there is a growing need to develop a robust protection strategy. It is important to respond to DDoS attacks promptly to reliably protect your workloads.