Can you still remember the time when you would wake up to the alarm every morning, hit snooze, wake up again (repeat a few times), and then start the mad dash to the office? Do you remember when your office coffee choices were left up to the mercy of the herd, and when you were forced to wear pants day after day? The changes to “office life” brought on by the COVID pandemic of 2020 certainly can be looked at in a positive light. Still, not all of it is awesome. Securing remote work will be the key to the future of distributed work.
Remember when your work computer was not the same as your personal computer and you were safely nestled in the cyber security implemented by your ever-ready IT department? If you received a suspicious email, encountered an unexpected pop-up, or went head to head with some Trojan horse, you had a guy for that just down the hall! With a 75% satisfaction rating for network security in American businesses, IT departments were doing a fantastic job at keeping breaches at bay and data protected. Then, along came 2020 and the infamous COVID pandemic.
In 2020, 62% of Americans began working from home, with 49% doing so for the very first time. Although there have been many upsides to this change for both employees and employers, cyber security has become a serious issue which has seen exponential growth over the past year. In fact, according to the FBI, cybercrime jumped by 300% just in early 2020. Add to that the statistic that targeted attacks against remote workers grew by 5x in the first 6 weeks of quarantine, and you get 20% of businesses reporting a cyber security breach that could be linked back to their employees.
There are a number of reasons why employees and their employers have become far more vulnerable due to remote work. For one thing, IT departments did not have time to prepare for the sudden switch to remote work, remote devices, and remote network connections. If there had been fair warning, they could have equipped their employees with the right security training and protocols and could have gotten the bugs worked out for remote connections to make it a safer process. However, we are all aware that the changes due to COVID were both sudden and harsh, and IT departments were left in an overwhelmed state, so much so that 20% of employees say they received no security tips at all.
On the employee’s side of things, there are many vulnerable spots for cyber criminals to exploit. Fifty-six percent of remote employees are using personal devices for work, but 25% of them have no idea what security protocols those devices have in place. Remote workers are also often using unsecured or glitchy WiFi, which leaves that door wide open for attack. Of course, they’re also using this exposed WiFi to connect to business networks; networks which were not designed to manage such a large quantity of remote connections.
Companies are certainly attempting to battle and resolve these vulnerabilities by implementing security protocols, such as multi-factor authentication (MFA). MFA is a decent attempt to plug up the holes. It can block 95% of bulk phishing attempts and stop 75% of targeted attacks, but it’s also too easy to hack. It would be bad enough if credential hacks were just for a single application; however, most employees are reusing credentials for multiple programs, or they are using credentials that are easy to glean from social media. This is the reason that hackers were able to breach 500,000 Zoom accounts last year through credential stuffing (reusing credentials from previous hacks). Sixty-three percent of data breaches exploit reused or weak passwords. Because of all this, MFA just doesn’t fit the bill for the big job of making remote work secure.
Fortunately, there’s a better solution to the problem. In order to make logins truly secure, it’s best not to have a password to hack in the first place. Beyond Identity offers just that. They completely remove passwords and replace them with cryptography and biometrics. They also use risk-based authentication, which means that every signal, device, and user is assessed for risks at login. Their frictionless login means that there are zero out-of-band messages, which means there’s nothing for hackers to intercept and exploit. It’s the truly secure security system that meets the needs and demands of the remote business world.
StormWall analyzed the statistics of DDoS attacks conducted against its customers in Q1 2021.
StormWall, an international provider of solutions for protection against DDoS attacks, presents an analysis of the statistics of attacks recorded in Q1 2021. The statistics reflect the DDoS attack attempts recorded against StormWall customers from different countries of the world, representing various industries and sectors of the economy.
As our analysis showed, the intensity of DDoS attacks, in general, continues to grow. In Q1 2021, we recorded 25.4% more attacks on our customers than in the fourth quarter of 2020. The leaders in the number of attacks were e-commerce, construction, entertainment, telecommunications, as well as the financial sector.
We attribute the increase in the number of attacks primarily to the falling cost of conducting attacks and the steadily falling cost of creating botnets, which in general leads to the increasing popularity of DDoS attacks among all kinds of attackers and unscrupulous competitors.
For comparison, the number of attacks in Q1 2021 increased by almost 40.9% compared to Q1 2020.
Statistics and dynamics of DDoS attacks by industry
In Q1 2021, the largest share of attacks (42.7%) occurred in the entertainment sector. Compared to Q4 2020, the number of attacks increased by 28%, while their share increased by 2%. At the same time, the growth of the share of such attacks for the same periods of 2019-2020 was 7%. The slowdown can be explained by the easing of quarantine measures in several countries and regions: the main users of entertainment resources began to spend less time on them, switching to business and entertainment in an offline format. Nevertheless, the sector remains the most attacked, since hackers can cause large losses in a very short time and quickly get money through blackmail.
Attacks on telecom accounted for the second-largest share: the number of attacks on this sector increased by 51.2% compared to Q4 2020, and their share increased to 35.3%. (It should be noted that more than 40% of the clients we consider to be in the telecom sector are hosting service providers and cloud services.) This strong growth is due to the sharp increase in the importance of telecommunications for business, government, and society: in the era of the pandemic, data networks have become the main channel of interaction, including communication, training, shopping, commercial transactions, etc.
The attackers could not help but notice this and therefore intensified DDoS attacks on the telecom sector with the aim of extortion and blackmail. In addition, the increase in demand for high-quality telecommunications caused an increase in competition, and DDoS attacks became one of the tools in the hands of unscrupulous market players.
The third place was taken by the e-commerce sector, which recorded 9% of the total number of all DDoS attacks in Q1 2021. The number of attacks here increased by 19.1% compared to the previous quarter. The continued increase in the number of attacks is obviously due to the shift of consumer purchases to online stores and online platforms, which was the result of the ongoing mass quarantine measures in several countries and regions, as well as consumer habits that have changed during the quarantine. The attackers could not help but react to the growing popularity of e-commerce companies. Interestingly, online stores of finishing materials and furniture were most often attacked, which can be explained, on the one hand, by an increase in demand for these goods during a period of limited opportunities for vacation trips and, as a result, by the attackers’ interest in online furniture and DIY stores, and, on the other hand, by the revenge of dissatisfied buyers.
In the construction sector (its share was 4.5%), the number of DDoS attacks increased by 18.2% compared to the previous quarter.
A small (up to 3.7%) increase in the share of DDoS attacks was observed in financial organizations. It is noteworthy that in Q1 2020 attacks were carried out mainly on banks, whereas a year later they were carried out mainly on crypto services.
In the education sector (its share was 2.6%), the share of attacks decreased by 16.2% compared to Q4 2020. We attribute this change primarily to a decrease in the share of distance learning. Nevertheless, their share is still several times higher compared to Q1 2020.
Statistics and dynamics of DDoS attacks by protocols
The most frequent attacks were of the packet flood type (on the network and transport layers of the OSI model): the share of such attacks was 83.5%. The second-largest share, 16.5%, came from attacks on sites at the application layer (HTTP/HTTPS).
This is explained, on the one hand, by the fact that a significant part of DDoS attacks targeted online games and telecom: in the first case, the flood at the TCP/UDP level is aimed directly at disabling the service, and in the second, attackers use a flood with a large number of small or large packets to overload the processors on routers or saturate communication channels. On the other hand, packet flooding was often more effective and cheaper than HTTP flooding, even if the target of the attack was a website: at the beginning of the year, new botnets appeared on the darknet that were quite affordable (from $250 per week) and made it possible to organize attacks with a capacity of several hundred gigabits at the packet level.
It is noteworthy that just a year ago, the shares of packet flooding and application-layer attacks were almost equal: among StormWall clients, they accounted for 48% and 52% of cases, respectively. As we can see, the preferences of the organizers of a DDoS attack depend primarily on the combination of price and efficiency, and packet flooding often turned out to be more effective and cheaper, even if the target of the attack was a website or other service.
General trends and recommendations
The number of DDoS attacks, in general, continues to grow, and we have no reason to expect them to decrease. Of concern is the sharp increase in the number of attacks with a capacity of more than 100 Gbit/s. Attacks with a maximum capacity of about 1 Tbit/s are no longer uncommon. We attribute this trend primarily to the reduction in the cost of powerful botnets: increasing their affordability makes them a popular tool for conducting attacks.
According to our forecasts, the power of DDoS attacks will also increase due to the development of 5G networks, which will make DDoS attacks with a capacity of more than 1 Gb/s quite accessible; it will be almost impossible to repel them without specialized means of protection.
In addition, we expect the emergence of new types of DDoS attacks, which will presumably target the UDP protocol, since applications based on it (primarily online games) are significantly more vulnerable to DDoS attacks than those using the TCP protocol.
Given the serious financial and reputational damage caused by DDoS attacks, organizations should take care of long-term protection against them and purchase a reliable solution that can protect against DDoS attacks of various types, including so-called smart attacks.
This report was brought to you by StormWall, a service that provides anti-DDoS services for your online projects.
What do basketball and cybersecurity have in common? More than you think. When you break down the stats, it’s usually all about finding the hidden threat before it’s too late.
Cybersecurity has zero days and ransomware attack vectors. Our news outlets have been flooded with them lately: Colonial Pipeline, JBS Foods, AXA, and the list keeps growing.
Basketball just posted its NBA 2020-21 season stats. Tobias Harris just posted many career highs, including a narrow miss of the elite 50-40-90 club, and arguably had better stats than first-team All-NBA star Kawhi Leonard.
Learn more about finding the hidden threat below, courtesy of Pondurance.