According to Cloudflare ’s DDoS attack trends and highlights from 2021, ransom DDoS attacks increased by 29% year over year and 175% quarter over quarter in Q4 of 2021. With this in mind, Cloudflare investigated which industries and regions were most commonly targeted by attackers, as well as the patterns for various types of assaults.

The first half of 2021 witnessed massive ransomware and ransom DDoS attack campaigns that interrupted aspects of critical infrastructure around the world (including one of the largest petroleum pipeline system operators in the US) and a vulnerability in IT management software that targeted schools, public sector, travel organisations and credit unions, amongst many others.

POWERFUL BOTNET
The second half of the year recorded a growing swarm of one of the most powerful botnets deployed (Meris), as well as record-breaking HTTP DDoS attacks and network-layer attacks observed over the Cloudflare network. This besides the Log4j2 vulnerability (CVE-2021-44228) discovered in December that allows an attacker to execute code on a remote server — arguably one of the most severe vulnerabilities on the Internet since both Heartbleed and Shellshock.

Prominent attacks such as the ones listed above are but a few examples from the report that, Cloudflare states, “demonstrate a trend of intensifying cyber insecurity that affected everyone, from tech firms and government organisations to wineries and meat processing plants”.

Adds John Graham-Cummings, CCO, Cloudflare: “Q4 was very busy for DDoS attacks on the Internet. We saw a big increase in random DDoS attacks, as well as standard network-level DDoS aimed at knocking a service offline. This all points to DDoS attacks being relatively easy to perform and, via ransoms, a way to make money.”