NBIP (Dutch National Internet Providers Management Organisation), an AMS-IX member who hosts the National Scrubbing Centre against DDoS attacks (NaWas), reported a significant increase of Distributed Denial-of-Service (DDoS) attacks in the last quarter of 2020. In the last quarter of 2020, the NaWas identified 540 DDOS attacks. In comparison: in Q3 2020 NaWas identified 307 attacks.
Most attacks were limited in duration and about 450+ attacks took less than an hour. However, the number of prolonged attacks (more than 4 hours) went up to 21 (in Q3 2020 the number of prolonged attacks was 16). DNS amplification (43%) and LDAP amplification (26%) made up for the bulk of the measured attacks.
The strongest attack measured in Q4 2020 had a strength of 167 Gbps. This was lower than the 200 Gbps attacks measured in August and September of 2020, the months with the most intense DDoS activity of that year.
DDOS-attacks still are prevalent form of cyber criminality. The number of attacks are not only increasing, but attacks are also becoming more complex, higher volume and more sophisticated.
Frank Dupker, from NaWas by NBIP, says:
“We see a new type of attack called carpet bombing involving a large number of individual attacks that are carried out simultaneously. Happily, we are able to mitigate these attacks through active ways of prefiltering.”
The biggest attack reported by the NaWas in 2019 was 124 Gbps. On average they reported 2,5 attacks per day in the same year. In Q4 2020 this number increased to an average of 4 attacks per day.