The number of ransomware DDoS attacks has dropped significantly

According to statistics from Cloudflare, in the first quarter of 2022, the number of ransomware DDoS attacks (so-called RDDoS) decreased to 3% of the total. Back in December 2021, such attacks accounted for 28% of all incidents.

RDDoS attacks, in fact, are ordinary DDoS, when hackers send huge traffic flows to the services of the victim company, which leads to their shutdown. But, unlike conventional attacks, in this case, the attackers demand a ransom to stop the attack. The fact is that hackers have long ago discovered that for many companies, a disruption in operation can be a strong stimulus to pay a ransom, especially if the downtime is associated with significant financial losses.

Such ransomware DDoS attacks have plummeted in 2022, according to Cloudflare, with only 17% of Cloudflare customers reporting ransomware in January, 6% in February, and just 3% in March.

The current figure is 28% less than last year and 52% less than in the last quarter of 2021, when the number of ransomware DDoS attacks was up to 28% per month. Interestingly, the reason for such a sharp drop remains unclear at the moment.

Ransomware DDoS attacks

In other Q1 2022 trends, Cloudflare is reporting a notable increase in application-level DDoS attacks, up 164% year-on-year. The most notable trends in this area were a 5086% increase in application-layer attacks targeting the consumer electronics sector, as well as a 2131% increase in attacks on Internet media compared to the previous quarter.

Ransomware DDoS attacks

As another emerging trend, analysts call the growth of reflected and enhanced attacks, including the use of new techniques, which were recently reported. For example, Cloudflare’s report describes a real-world use case for this tactic when the Lantronix Discovery Protocol was used on a large number of IoT devices. The attackers used 4-byte requests to public Lantronix devices and received a 30-byte response, thereby obtaining a gain of 7.5.

Ransomware DDoS attacks

Ransomware DDoS attacks

In addition, Cloudflare reports a sharp increase in volumetric DDoS attacks, with attacks over 100Gbps up 645% quarter-on-quarter and attacks over 10Mpps up over 300% compared to previous quarter. Such attacks differ from classic DDoS attacks in that in this case, the attackers focus on sending as many unwanted HTTP requests as possible to the victim’s server in order to load its CPU and RAM, preventing users from using the targeted sites.

Let me remind you that we talked about the fact that Microsoft has recorded a record DDoS attack, with a capacity of 3.47 Tb/s, and also, for example, that DDoS attacks on Andorra turned out to be related to the Squid Game Minecraft tournament.

User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to top button