Telia Carrier has today announced the findings of a new DDoS Threat Landscape Report, with a unique perspective on today’s cyber threats from traffic data observed on its #1 ranked Internet backbone, AS1299. The report investigates changes in attack vector, size and frequency, and reveals a staggering 50% increase in peak attack traffic compared to 2019, with a jump to 1.18 Terabytes per Second (TBPS) or 887 Mega Packets Per Second (Mpps).
The “Telia Carrier 2021 DDoS Threat Landscape Report”, is a snapshot of Telia Carrier’s monitoring and mitigation efforts to protect customers across its extensive global network. In 2020, Telia Carrier cleaned a staggering 57 Petabits or 14 tera packets of malicious data. During the same period, the average size of a DDoS attack was 19 Gbps (23 Mpps), with an average duration of 10 minutes.
Additional key findings from the report include:
• Greater incidence of high intensity attacks – With an overall rise in available network capacity, cyber criminals are increasingly targeting their victims with high intensity attacks, rather than simply congesting client links.
• DNS and NTP amplification attacks – These were the most common attack vectors in 2020.
• Activity peaks mirror COVID lockdowns – It was found that attack traffic mirrored the main spring and autumn lockdowns that took place in the US and Europe.
• Carpet bombing is on the increase – A clear trend has been seen of larger, co-ordinated attacks from multiple sources towards dynamically changing hosts within a target network. Previously this attack type was seen in severe, but isolated cases, but this activity is now more consistent and sustained.
“The rise of carpet bombing as a popular attack vector and a dramatic increase in peak attack traffic are two important reasons why organizations need to move to automatic threat mitigation techniques,” said Jorg Dekker, Head of Internet Services at Telia Carrier. “The volume and frequency continues to increase, and cyber criminals are using the huge bandwidth available across the Internet to target their victims with speed and ferocity from multiple launch points simultaneously. These dynamic and unpredictable attacks are precision planned and automated, so customers must fight fire with fire, by investing in auto-mitigation as they move away from static traffic inspection and mitigation.”