DDoS Defense: 2021 Trends and 2022 Predictions
Keeping up with the latest cybersecurity trends is a continuous journey—because no matter how vigilant a company is or how well they orchestrate their cyber defenses, bad actors are highly motivated to evolve their methods, find new vulnerabilities, and exploit them.
2021 was a busy year for cybersecurity, showcasing how quickly attack-method preferences can change, the seasonality of attack volume, and the continuing trend of increased threat complexity. Several high-profile cyberattacks even made front-page news, which is perhaps no surprise considering global weekly attacks per organization increased by 50% compared with 2020.*
Considering these trends, it’s crucial for companies to be well-informed of the ever-evolving cybersecurity landscape, so they can better prepare to identify and mitigate their vulnerabilities. Luckily, Lumen and its threat-intelligence arm Black Lotus Labs constantly monitor the cyberthreat space to help protect businesses and keep the Internet clean. Check out some of our key cybersecurity takeaways from 2021 and our predictions for how attacks may evolve in the year ahead.
- Beware of Ransom DDoS: Hackers are looking to cash in on their activities, which is one of the reasons we saw more of a reliance on Ransom DDoS in 2021. From May through July, Ransom DDoS was the primary mode of attack for bad actors. And while most ransom notes called for bitcoin, some requested for payments to be made in Monero instead. Read our Q2 report for a deeper dive into Ransom DDoS activities.
- Voice providers are a prime target: In Q3 we observed many voice providers come under attack, as security isn’t traditionally inherent in voice over internet protocol (VoIP) solutions.
- Watch out for reflection attacks: Hackers use reflection-style attacks because they’re relatively easy to deploy and can generate very large attacks. Whether it’s CLDAP, NTP, DNS, SSDP, or other protocols susceptible to amplified reflection attacks, hackers rely on this vector category to cause significant damage. Read our Q3 report for an in-depth review of spoofed reflection attacks.
- Spikes and lulls in Ransom DDoS: Lumen expects to see Ransom DDoS attacks used more seasonally this year. Dry periods will likely be followed by a flurry of activity—with attackers opting for a shock and awe campaign. Major attacks will also likely inspire copycat activity.
- More sophisticated multi-vector attacks: We already saw an increase in attack complexity throughout 2021, and that will continue throughout 2022. We expect to see the largest volumetric attack on record this year as botnets continue to grow in size and complexity. You can also expect growth in Layer 7 attacks, leading to the need for web application protection and bot management to protect new application-driven revenues.
- Increased nation-state activity due to political landscape in Eastern Europe: Given the political landscape in Eastern Europe, Lumen expects to see an increase in nation-state–sponsored attacks in 2022. As these attacks become more prevalent, and considering successful collaborative takedowns such as Emotet last year, we also anticipate that industry–government collaborations will bear more fruit in 2022. In addition, businesses and government entities should be prepared to defend against direct campaigns—including ransomware, DDoS and attacks against critical infrastructure—and collateral damage.
Black Lotus labs and Lumen will continue to do our part in keeping the Internet a safe place. Read Lumen’s Quarterly DDoS Report to learn about the latest threats and trends. Experiencing an active attack? Activate Lumen DDoS Hyper in minutes.
This content is provided for informational purposes only and may require additional research and substantiation by the end user. In addition, the information is provided “as is” without any warranty or condition of any kind, either express or implied. Use of this information is at the end user’s own risk. Lumen does not warrant that the information will meet the end user’s requirements or that the implementation or usage of this information will result in the desired outcome of the end user. All third-party company and product or service names referenced in this article are for identification purposes only and do not imply endorsement or affiliation with Lumen. This document represents Lumen’s products and offerings as of the date of issue. Services not available everywhere. Business customers only. Lumen may change or cancel products and services or substitute similar products and services at its sole discretion without notice. ©2022 Lumen Technologies. All Rights Reserved.