Press Release

Link11, the European leader in cyber-resilience, is warning organizations of an increase in the length of DDoS attacks over the past three weeks, which risk disrupting business processes for organizations as they implement large-scale remote working plans for employees following the Coronavirus outbreak.

During the three-week period Monday 17 February to Monday 9 March, Link11’s Security Operation Center (LSOC) defended 20,349 minutes of attacks (over 2,860 hours), which is more than 30% up compared to the 15,612 minutes of attacks mitigated during the same period in 2019. Link11 states that this escalation in the length of DDoS attacks could disrupt or entirely disable companies’ operations as they deploy remote working strategies to mitigate the spread of the COVID-19 novel coronavirus.

With large enterprises such as Google, Spotify and NASA implementing remote working for all staff, and many others restricting travel and encouraging employees to work from home, DDoS attacks could overwhelm organizations’ security defenses and cause connectivity or application outages for employees. Traditional on-premise DDoS defences, which are still widely used, and load-balancing products are not able to protect organizations against large-scale attacks, as these malicious data tsunamis can be several hundred times bigger than the available bandwidth on the main corporate internet connection, bringing everything to a standstill instantly.

Marc Wilczek, COO of Link11 said: “We cannot say whether this dramatic increase in the length/duration of attacks over the past three weeks is the result of criminals exploiting the Coronavirus outbreak, but it highlights how vulnerable organizations are as they quickly implement large-scale remote working for their staff. Cybercriminals could try to further take advantage of the situation.”

“The best way to mitigate the risk of disruption from DDoS attacks is by using cloud-based DDoS protection that constantly analyses data traffic to an organisation in real-time so that any anomalies or threats can be detected and defended immediately. The malicious traffic can then be filtered out in a granular manner before it can impact on the organization’s processes, without blocking legitimate traffic and without interrupting the flow of business.”