The word “unprecedented” has never been used so much as it has during 2020. And in the latest of many unprecedented events, July saw the two largest recorded DDoS attacks of the year so far.
As revealed in our July 2020 Cyber Threat Index Report, published today, Imperva Research Labs recorded two separate DDoS attacks between July 1 and 31, each remarkable in its size and scope.
The first of these was an application layer – or layer 7 – attack on a Chinese gambling site. Originating from 851 different source IPs, the attack lasted less than 10 minutes, during which time it reached an incredible 689,000 requests per second (RPS) at its peak – an intensity that would quickly have overwhelmed the site’s servers, bringing it to a grinding halt.
The second attack was a massive network layer – layers 3 and 4 – attack against a single target in India. Reaching 398 gigabits per second (GBPS), the attack was made up of a syn flood (76% of its packets were between 0 and 100 bytes), augmented by a large syn flood (24% were between 100 and 900 bytes).
Ongoing and increasing trend
The DDoS attacks recorded in July were unprecedented, certainly for 2020. But, although their size and intensity make them exceptional, it’s worth noting that they’re symptomatic of an increasing trend of larger and longer application attacks.
In fact, there were 12 major application DDoS attacks with a volume of over 150,000 RPS during July, making it the third month in a row this year in which we recorded multiple layer attacks of increased size and/or duration. And, if you cast your mind back to the 2019 Global DDoS Threat Landscape Report, you’ll recall that we recorded a network attack last year that, at 580 GBPS, was the largest ever recorded, followed a few months by an application attack which lasted for 13 days and peaked at 292,000 RPS.
Much of this year’s attack activity may be down to the global disruption caused by the COVID-19 pandemic, particularly as workers have been largely required to work from home in an effort to slow the spread of the virus.
As businesses continue to adjust to online traffic demands, we’ve seen how it has impacted application attack surfaces. While network traffic continues to vary, DDoS attacks are growing in size and frequency.
July’s attacks are only one result of an ongoing trend as more businesses rely on digital uptime and presence for success. In an increasingly digital world, businesses must be prepared to defend their sites and customer uptime.
The Cyber Threat Index
You can find more details of July’s unprecedented DDoS attacks, along with other key insights into the threat landscape in the latest Cyber Threat Index, here.
A monthly measurement and analysis of the global cyber threat landscape across data and applications, the Cyber Threat Index is based on data gathered from Imperva sensors all over the world – including over 25 petabytes of network traffic through the Imperva CDN each month.
With over one trillion total requests analyzed and 21 billion applications blocked, it offers an unrivalled comprehensive look at application security and provides an easy-to-understand score to consistently track cyber threat levels and observe trends over time. Viewers can dive deeper into the score and drill down for individual industries and countries, and also view historic Index scores.