theDocumentId => 1341541 Link11 Discovers Record Number of DDoS Attacks in ...

Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

7/15/2021
05:40 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Link11 Discovers Record Number of DDoS Attacks in First Half of 2021

In H1 2021, cyber criminals targeted businesses in record numbers as they continued to exploit vulnerabilities caused by the pandemic.

15 July 2021: Link11, Europe’s leading IT security provider in cyber resilience, has reported a 33% increase in the number of DDoS attacks in H1 2021.

Between January and June, the Link11 Security Operations Centre (LSOC) recorded record numbers of attacks compared to the same period last year. The report also found that between Q1 2021 and Q2 2021 there was a 19% increase in DDoS campaigns, some of which were over 100 Gbps in attack volume; further evidence that cybercriminals are continuing to exploit the vulnerabilities of businesses during the pandemic.

Link11 has found that:

·       The number of attacks continued to rise: + 33% increase year-on-year compared to H1/2020.

·       DDoS attacks are increasing: +19% in Q2 2021 compared to Q1 2021.

·       Overall attack bandwidth remained high: 555 Gbps in maximum attack volume.

·       Sharp increase in attack bandwidth: +37% increase in H1/2021 compared to H1/2020.

·       Number of high-volume attacks > 100 Gbps in H1/2021: 28

Criminals targeted those organisations and institutions that were in high demand during the global pandemic, such as vaccination websites, e-learning platforms or portals and businesses IT infrastructure plus hosting providers and internet service providers.

LSOC also suggests that the use of extortion emails has reached critical levels. Employees have received malicious emails from a multitude of different senders including Fancy Bear, Lazarus Group and most recently Fancy Lazarus. Instead of being indiscriminate, ransom demands now vary depending on the size of the company and the industry of the victims. In fact, companies from a wide range of industries (including finance, e-commerce, media and logistics) are currently being affected. The frequency of these campaigns has increased, ransom demands have skyrocketed and LSOC is warning that they could continue well into Q3 2021.

According to Link11’s security experts, the intensity and regularity of extortion emails has noticeably increased. The scale of DDoS activity far exceeds any from previous years and the number of businesses experiencing serious security breaches has risen sharply. The consequences of such an attack can be severe, from loss of revenue, costly business interruptions, long recovery times to sensitive data being compromised.

Marc Wilczek, Managing Director of Link11, said: "In an increasingly connected world, the availability and integrity of IT systems are critical to any business. Our research for the first half of 2021 shows that companies are continuously exposed to DDoS attacks and that they are far more frequent and complex. Due to the increasingly sophisticated attack techniques being used by cyber criminals, many security tools are reaching their limits. This means that solutions which provide maximum precision and speed in detecting and mitigating the attacks are more in demand than ever before."

Although the threat level of DDoS attacks has remained high and security providers have provided persistent warnings, LSOC believes some companies still lack the relevant security solutions to prevent an attack. In a number of cases, organisations have been found to be completely unprotected and operations have been brought to a standstill. The only way to limit the damage is to implement specialised protection solutions on an ad-hoc basis. From an economic and legal point of view, however, it makes more sense to focus on sustainable prevention rather than reaction.

As threat levels continue to rise LSOC recommends businesses take this opportunity to conduct a thorough review of their cyber security posture. They are also warning if you fall victim to a DDoS attack do not respond to extortion attempts and call in a specialist as soon as an attack has been detected. For more information on the threat landscape, visit the Link11 blog https://www.link11.com/en/blog/.

About Link11

Link11 is the leading European IT security provider in the field of cyber-resilience headquartered in Germany, with sites worldwide in Europe, North America, Asia and the Middle East.  The cloud-based security services are fully automated, react in real-time and defend against all attacks, including unknown and new patterns, in under 10 seconds.  According to unanimous analyst opinion (Gartner, Forrester) Link11 offers the fastest detection and mitigation (TTM) available on the market. The German Federal Office for Information Security (BSI) recognizes Link11 as a qualified DDoS protection provider for critical infrastructures.

To ensure cyber-resilience, web and infrastructure DDoS protection, Bot Management, Zero Touch WAF and Secure CDN Services among others provide holistic and cross-platform hardening of business' networks and critical applications.  The 24/7 operated Link11 Security Operation Center, which is located at sites in Germany and Canada according to the follow-the-sun principle, provides the reliable operation of all systems and manages the expansion of the global MPLS network with 43 PoPs and more than 4 Tbps capacity. Guaranteed protection bandwidths of up to 1Tbps provide maximum reliability.  International customers can thus concentrate on their business and digital growth. Since the company was founded in 2005, Link11 has received multiple awards for its innovative solutions and business growth.

 

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-32686
PUBLISHED: 2021-07-23
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP before version 2.11.1, there are a couple of issues found in the SSL socket. First, a race condition between callback and ...
CVE-2021-32783
PUBLISHED: 2021-07-23
Contour is a Kubernetes ingress controller using Envoy proxy. In Contour before version 1.17.1 a specially crafted ExternalName type Service may be used to access Envoy's admin interface, which Contour normally prevents from access outside the Envoy container. This can be used to shut down Envoy rem...
CVE-2021-3169
PUBLISHED: 2021-07-23
An issue in Jumpserver 2.6.2 and below allows attackers to create a connection token through an API which does not have access control and use it to access sensitive assets.
CVE-2020-20741
PUBLISHED: 2021-07-23
Incorrect Access Control in Beckhoff Automation GmbH & Co. KG CX9020 with firmware version CX9020_CB3011_WEC7_HPS_v602_TC31_B4016.6 allows remote attackers to bypass authentication via the "CE Remote Display Tool" as it does not close the incoming connection on the Windows CE side if t...
CVE-2021-25808
PUBLISHED: 2021-07-23
A code injection vulnerability in backup/plugin.php of Bludit 3.13.1 allows attackers to execute arbitrary code via a crafted ZIP file.