Complexity and size of DDoS attacks have increased in 2019

The complexity and size of DDoS attacks in 2019 has increased significantly compared to 2018. In a report published today by NaWas by NBIP, one of the largest DDoS scrubbing centers in Europe, concludes that despite the number of attacks has decreased slightly over 2019, their complexity and size has increased significantly. Twice a year the NBIP publishes a report with data on the DDoS attacks observed in the NaWas. The new DDoS Data report 2019 is available as of today.

The NaWas started in 2014 as a collective effort to mitigate DDoS attacks. Many hosters and other online service providers use the collective scrubbing center. In its six years of existence, the NaWas has successfully mitigated thousands of DDoS attacks. This separates the polluted traffic of the attacker(s) from the ‘clean’, legitimate traffic. This clean traffic is routed back to the participant via a separate connection via an internet exchange. In this way, the systems of participants in the NaWas remain available to users. Currently, the NaWas protects over 2.5 million .nl addresses. NaWas is also expanding and offering its services in a range of European countries.

Fewer attacks, more complexity and larger in size

Slightly fewer DDoS attacks were observed in the NaWas in 2019 compared to 2018 (919 attacks and 938 attacks respectively). In addition, the number of participants in the NaWas increased by almost 10%, which probably means that the relative decrease is greater.

However, attacks are becoming larger and more complex, says Octavia de Weerdt, managing director of NBIP. “The largest attack we observed in 2019 was 124 Gbps. The most complex attack used 30 vectors, i.e. 30 different methods to carry out a DDoS attack were combined into a single attack. In 2018, the largest attack we saw was 68 Gbps, while the maximum number of vectors was 12. These are big differences for which we unfortunately can’t give an immediate explanation.”

A persistent trend

The increasing complexity and size of DDoS attacks fits in with a trend that has been going on for several years. The NBIP has been publishing data on DDoS attacks observed by the NaWas since 2017. In that year there were no attacks of 40 Gbps or more, while in 2019 there were no attacks of less than 40 Gbps in the top 10 largest DDoS attacks.

De Weerdt: “There is a continuous arms race regarding DDoS attacks. Attackers try to find new vulnerabilities and methods to carry out a successful attack. Organizations that are victims of DDoS attacks meanwhile try to adapt their mitigation capabilities accordingly. This arms race will not end for the time being. For example, in the first quarter of 2020, we already observed a DDoS attack of 140 Gbps, and we have seen as many very large attacks of 40 Gbps or more as in the whole of 2019”.

Download report
Download infographic

Would you like more information or subscribe to our newsletter?