The web infrastructure provider and CDN Cloudflare has released its Denial of Service attack trends report for the last quarter of 2021. The DDoS Attack Trends for Q1 2021, which highlights the sharp increase in denial of service attacks suffered last year. Thus, during the first half of 2021 there were massive ransomware attacks, as well as large-scale DDoS attack campaigns that even disrupted various areas of critical infrastructure around the world.
In addition, a vulnerability in IT management software of Kaseya to attack schools, public sector entities, tourist companies and credit cooperatives. The second half of the year was characterized by the rise of a new botnet, Meris, which led to HTTP DDoS attacks, as well as network layer attacks, which broke all records to date.
Regarding the ransom DDoS attacks, increased 29% YoY and 175% in the fourth quarter of the year compared to the third. In December alone, one in three respondents to Cloudflare reporting claimed to have been the target of a ransom DDoS attack, or threatened by an attacker. Additionally, the last quarter of 2021 was the busiest for cybercriminals launching network layer DDoS attacks. There were more attacks in those three months than in each of the first two quarters of 2021.
Mind you, most were small, and Cloudflare was able to automatically mitigate dozens with peaks of 1 Tbps, in addition to others of which the peak of the largest was slightly below 2 Tbps. The report also highlights that there was a persistent ransom DDoS campaign against VoIP providers around the world in the last three months of 2021.
In 2021, the manufacturing, business services, and gaming sectors became prime targets for application layer DDoS attacks. Specifically, attacks on manufacturing companies rose in the fourth quarter of 2021 compared to the third by no less than 641%.
The countries from which they started these attacks are led for the fourth consecutive quarter by China, followed by the United States, Brazil and India. The country that has been the target of the most application layer DDoS attacks has been the United States, followed by Canada, Germany, France and Ukraine.