A matter of profit: DDoS attacks in Q4 2020 dropped by a third compared to Q3, as crypto mining is on the rise
The number of DDoS attacks detected by Kaspersky DDoS Prevention in Q4 2020 increased slightly compared to 2019. However, it is 31% less compared to Q3 2020. This drop can be connected to the growing interest in cryptocurrency mining.
As people began to spend more time online in 2020, it resulted in a boom of DDoS attacks. And in the fourth quarter, attacks on educational institutions continued: several schools in Massachusetts and Laurentian University in Canada experienced such incidents. Online gaming services also suffered DDoS attacks.
However, in Q4 2020 there were only 10% more attacks than in Q4 2019. And compared to Q3 2020, the number of attacks in Q4 2020 fell by 31%, while Q3 2020 also saw a drop compared to Q2.
Experts suggest that a surge in cryptocurrency costs can cause this. As a result, cybercriminals may have had to ‘re-profile some botnets so that C&C servers, which are typically used in DDoS attacks, could repurpose infected devices and use their computing power to mine cryptocurrencies instead.
This is further proved by KSN statistics. Throughout 2019, as well as at the beginning of 2020, the number of crypto miners dropped. However, from August 2020, the trend changed, with the amount of malware increasing slightly and reaching a plateau in Q4.
“The DDoS attack market is currently affected by two opposite trends. On the one hand, people still highly rely on stable work of online resources, making DDoS attacks a common choice for malefactors. However, with a spike in cryptocurrency prices, it may be more profitable to infect some devices with miners. As a result, we see that the total number of DDoS attacks in Q4 remained quite stable. And we can predict that this trend will continue in 2021,” comments Alexey Kiselev, Business Development Manager on the Kaspersky DDoS Protection team.
To stay protected against DDoS attacks, Kaspersky experts offer the following recommendations:
- Maintain web resource operations by assigning specialists who understand how to respond to DDoS attacks
- Validate third-party agreements and contact information, including those made with internet service providers. This helps teams quickly access agreements in case of an attack
- Implement professional solutions to safeguard your organization against DDoS attacks. For example, Kaspersky DDoS Protection combines Kaspersky’s extensive expertise in combating cyber threats and the company’s unique in-house developments
Read the full report on Securelist.
 Kaspersky Security Network (KSN) is a distributed infrastructure that works with various anti-malware protection components. The statistics consist of depersonalized metadata which is voluntarily provided by KSN participants among Kaspersky’s customers.