Against the backdrop of an unprecedented shift toward online workforce participation across the globe, NETSCOUT’s ATLAS Security Engineering & Response Team (ASERT) observed a huge upsurge in distributed denial-of-service (DDoS) attacks, brute-forcing of access credentials, and malware targeting of internet-connected devices.
We observed multiple record-breaking events: the most DDoS attacks launched in a single month (929K), the most DDoS attacks in a single year (more than 10 million), and monthly DDoS attack numbers that regularly exceed the 2019 averages by 100,000 to 150,000 attacks. Combined with the weaponization of new reflection/amplification DDoS attack vectors allowing the abuse of misconfigured RDP over UDP, Plex Media SSDP, DTLS services, an increasingly complex threat landscape rapidly emerged.
And if that weren’t enough, a new threat actor known as Lazarus Bear Armada launched a global DDoS extortion campaign, using network reconnaissance to launch multivector attacks on critical pandemic infrastructure elements such as VPN concentrators, authoritative and recursive DNS servers, and upstream internet service providers’ (ISPs’) peering and customer aggregation routers.
To learn more about the cybersecurity and DDoS trends influencing organizations today, fill out the form below for a complimentary copy of the NETSCOUT 2H 2020 Threat Intelligence Report.