In the midst of the global pandemic, cybercriminals are adjusting their strategy regarding DDoS attacks. According to a report by Russian security vendor, Kaspersky, recent DDoS attacks have increasingly targeted websites of medical organizations, delivery services, and gaming and educational platforms.
In mid-March, for example, attackers tried to disable the website of the US Department of Health and Human Services, seemingly to disable access to official data about the pandemic and measures taken against it. At the same time, unknown cyber actors spread misinformation in social networks and via text and e-mail about the introduction of a nationwide quarantine in the US. The attempt failed, and the HHS website continued to function, despite the increased load. Other recent targets include a large Paris-based hospital group, a pair of European food delivery services, and the online gaming industry. Politically motivated attacks have also been on the rise, as well as attacks on financial institutions.
This quarter has seen a significant increase in both the quantity and quality of DDoS attacks. The number of attacks doubled against the previous reporting period, and by 80% against Q1 2019. The attacks also became longer in average and in maximum duration. The number of DDoS attacks on educational and administrative web resources tripled compared to the same period in 2019. Such attacks in Q1 2020 amounted to 19% of the total number of incidents, against just 11% a year ago. Windows botnets continue to rise. The share of attacks using them grew by 3 percentage points to 5.64%.
The upswing in cybercriminal interest in such resources could be linked to the spread of COVID-19, which has created more demand for distance-learning services and official sources of information. Although it is difficult to predict anything at a time of such global instability, it can be assumed that the attacks will not decrease: many organizations are now switching to remote working, and with that the set of viable targets is increasing.