New research from Cloudflare details cyber-attack trends of 2021 so far

The telecommunications industry is facing an increased threat of distributed denial-of-service (DDoS) attacks, according to a new report.

Cloudflare’s new research, released earlier this week, details DDoS attacks and trends for the first quarter of 2021.

In the findings, the web infrastructure and security company notes that the telecommunications industry was the most targeted sector in the first three months of the year.

The sector made a “significant” jump from sixth place in Q4 2020 to become the number-one DDoS target in Q1 2021, followed by the consumer services industry, and the security and investigations industry.

‘Major disruption’

Cloudflare’s latest report is based on data taken from the company’s own DDoS mitigation platform that serves approximately 25 million users.

It found that January was Q1’s busiest month for attacks, constituting 42% of the total attacks observed in the quarter, followed by March with 34.2%, and February with 23.8%.

February itself saw the quarter’s largest attack, when Cloudflare observed one packet-flooding assault that clocked 300-400 gigabits per second (Gbps).


Read more of the latest DDoS attack news


In the first quarter of the year, a vast majority (over 97%) of the attacks observed were smaller than one million packets per second and 500 megabits per second (Mbps).

“This is a continuation of the trend we observed all of last year. However, this does not imply that these attacks are harmless,” the report reads.

It added: “Attacks under 500 Mbps are often sufficient to create major disruptions for internet properties that are not protected by a cloud-based DDoS protection service.

“Many organizations have uplinks provided by their service providers with less bandwidth capacity than 1 Gbps.

“Assuming their public-facing network interface also serves legitimate traffic, you can see how even DDoS attacks under 500 Mbps can easily take down internet properties.”

Trend watch

In the study, Cloudflare researchers also found that most DDoS attacks in the first quarter originated in China, with the nation bumping India from the dubious top spot.

Perhaps unsurprisingly given the size of the economy, Chinese enterprises were also subject to the most DDoS attacks in the same period.


RELATED Ransom-related DDoS attacks rise from the dead as attack vectors diversify


There was also a slight dip in the proportion of DDoS victims who received a ransom demand and promise to halt the assault upon payment, down from 17% to 13% year on year.

Another trend Cloudflare continues to see in 2021 is “the continued use of the new QUIC protocol for attacks,” Cloudflare CTO John Graham-Cumming told The Daily Swig.

The British software engineer added: “There was [also] a large increase in attacks using Jenkins and TeamSpeak3 servers. This is due to recently discovered vulnerabilities that DDoS attackers are exploiting.”

The full report can be found on the Cloudflare blog.


YOU MAY ALSO LIKE Surge in malware and cyber-attacks set to continue, Europol warns in SOCTA report