In the second quarter of 2021, the total number of DDoS attacks decreased by 38.8% compared to the second quarter of 2020 and by 6.5% in 2021 compared to the previous quarter. While China was the leader in the number of devices with SSH attacks, it continued to lose ground in terms of the total number of DDoS attacks (10.2%). The USA continued to lead (36%) in this category for the second quarter in a row, while Poland and Brazil entered the top five.
Recently, scammers have been looking for ways to strengthen DDoS attacks. With this quest, the number of attacks through the Session Relay Utilities (STUN) protocol for NAT has increased. Another apparent trend was the exploitation of the TsuNAME vulnerability in DNS resolvers to attack DNS servers. This has particularly resulted in disruptions to Xbox Live, Microsoft Teams, OneDrive and other Microsoft cloud services. Internet service providers have also been affected by DDoS attacks.
The overall situation in the second quarter was relatively calm. The average number of DDoS attacks fluctuated between 500 and 800 per day. Only 60 attacks were recorded on the quietest day, while on the busiest day that number reached 1164.
The geography of DDoS attacks has also changed during this period. The US once again led the way in the amount of DDoS attacks (36%). At the same time, China (10.2%), which has consistently ranked first in this area until this year, continues to lose ground. Poland (6.3%) took the third place, increasing its share by 4.3%. Brazil nearly doubled its share, reaching 6% and taking fourth place. Canada, which was previously in the top three, dropped to fifth place with 5.2%.
KasperskyThe experts also analyzed which countries are prone to bots and malicious servers attacking IoT devices to expand their botnet networks. The results show that the majority of devices performing the attacks are in China (31.8%), the USA (12.5%) and Germany (5.9%).
Alexey Kiselev, Business Development Manager of the company’s DDoS Protection, said: “The second quarter of 2021 was as calm as we expected. There was a slight decrease in the total number of attacks compared to the previous quarter, which is typical for this period and we observe on an annual basis. We traditionally associate this fall with the onset of the holidays. We do not foresee any conditions for a sharp rise or fall in DDoS attacks in the third quarter of 2021. The market will remain heavily reliant on the long-term consistently high cryptocurrency value.”