Q1 2021 Lumen DDoS Quarterly Report
The last year was another active one for the DDoS attack space. The common themes of recent years — increased complexity, frequency and scale — continued to drive the space with actors shifting and adopting tactics, techniques and procedures (TTPs), including multi-vector and mixed application layer attacks and diversifying their victim pools to maximize impact and/or profit. As an industry, we saw one of the largest attacks on record in the first quarter of 2020 with 2.3 Tbps*, followed by a slate of ransom DDoS (RDDoS) over the summer and fall targeting finance and healthcare, among other industries. In addition, the continued evolution of IoT botnets capable of waging DDoS attacks, coupled with widely accessible botnet source code and DDoS-for-rent infrastructure have reduced the minimum competencies required to launch attacks, further expanding the potential actor pool. Against this backdrop, today’s enterprises are challenged with a growing dependence on revenue from digital applications to serve and engage customers, an unprecedented uptick in traffic spurred by widespread reliance on digital services and the pressure to satisfy end user expectations for seamless application delivery and always-on performance. In our Lumen Quarterly DDoS Report for Q1 2021, we share our view of the DDoS landscape with findings that both reinforce and expand on these broader trends, with a look into DDoS threats based on intelligence from Black Lotus Labs®, as well as attack trends from the Lumen® DDoS Mitigation Service platform.