Virtual Event Today: Supply Chain Security Summit - Register Now

Security Experts:

Connect with us

Hi, what are you looking for?



Several DDoS Attack Records Broken in 2020

Several companies that provide services for mitigating distributed denial-of-service (DDoS) attacks reported seeing records being broken in 2020.

Several companies that provide services for mitigating distributed denial-of-service (DDoS) attacks reported seeing records being broken in 2020.

In a report published on Tuesday, Akamai said it saw the largest global DDoS extortion campaign, more customers attacked than in any other previous year, the largest ever attack in terms of million packets per second (Mpps), and a record number of new customers that urgently needed protection due to an ongoing or imminent attack.

The largest attack in terms of Mpps was disclosed by the company in June — it reached 809 Mpps and it targeted a European bank. The company also saw a 1.44 terabit per second (Tbps) attack, but Amazon and Google this year reported seeing 2.3 Tbps and 2.5 Tbps attacks, respectively. The attack disclosed by Google was actually launched in 2017, but it still appears to be the largest observed to date.

Akamai also reported that it had seen more customers targeted in DDoS attacks in November 2020 than in any previous month.

DDoS attacks in 2020

As for the major DDoS extortion campaign, the company noticed it last summer.

“This campaign featured show-of-force attacks upwards of 500 Gbps – a sign the criminals were very determined and highly capable of causing business-impacting disruption,” Akamai said. “A notable characteristic of this campaign was the level of reconnaissance conducted by the attackers prior to sending the extortion letters.”

Netscout also published some DDoS attack data on Tuesday, revealing that the number of attacks it observed last year exceeded 10 million, nearly 1.6 million more than in 2019.

“From March until the end of the year, DDoS attackers operated amidst the COVID-19 pandemic,” Netscout said. “While most of the world saw an unprecedented global health crisis, malicious actors saw new vulnerabilities and opportunity. It is seldom that annual activity is so deeply affected by one event, but such is the case with 2020 DDoS attack activity and trends. It is no coincidence that this milestone number of global attacks comes at a time when businesses have relied so heavily on online services to survive.”

“As cybercriminals quickly exploited pandemic-driven opportunities, we saw another kind of ‘new normal.’ Monthly DDoS attacks regularly exceeded 800,000 starting in March, as the pandemic lockdown took effect,” the company noted.

Kaspersky reported seeing an 88% increase in the number of DDoS attacks launched in 2020 compared to 2019.

“We suggest that this growth is caused by the pandemic and an increased reliance on web resources,” said Alexander Gutnikov, system analyst at Kaspersky’s DDoS prevention service. “For instance, in the first quarter of 2020, we identified a three-fold increase in attacks on educational and administrative resources, as they were extremely important. If people see conflicting messages about the virus and what preventive measures can be taken, they may look for official sources of information for more assured guidance. Many schools and universities also shifted to online lessons. It’s worth noting that the growth is quantitative, not qualitative: the share of sophisticated attacks that require an attacker to have skills to find the most effective attack vector has practically not changed.”

Tom Emmons, principal architect at Akamai, told SecurityWeek that they too noticed a rise in the total number of DDoS attacks launched last year, but he believes this data can be misleading “because some customers and industries are more frequently and regularly targeted by DDoS attacks – easily swaying the data depending on attacker activity.”

“The frequency of attacks was up about ~6% YOY, but the more noteworthy trends have been around the significant increase in the number of customers attacked (~22% YOY), the steady growth of attack size >50 Gbps, and the diversity of industries and verticals targeted by threat actors,” Emmons said.

Cloudflare also reported seeing some of the largest DDoS attacks in 2020.

*updated with information from Kaspersky

Related: Thousands of Unprotected RDP Servers Can Be Abused for DDoS Attacks

Related: Citrix Releases Updates to Prevent DDoS Attacks Abusing Its Appliances

Related: NXNSAttack: New DNS Vulnerability Allows Big DDoS Attacks

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.