Comcast Business 2021 DDoS Threat Report: DDoS Becomes a Bigger Priority as Multi-vector Attacks Are on the Rise

Comcast Business published results from its 2021 Comcast Business DDoS Threat Report. The report provides an overview of the Distributed Denial of Service (DDoS) attack landscape, trends experienced by Comcast Business customers and insights for measuring and mitigating risks. The report found that mulit-vector DDoS attacks targeting Layers 3, 4, and 7 simultaneously represent a 47 percent increase from the record number set in 2020.

Also Read: DigitalReef Acquires Connected TV Advertising Management Platform Column6

“DDoS attacks, when they occur, can be costly and difficult to defend. The risk of losing network, server and application availability is higher than ever,” said Shena Seneca Tharnish, Vice President, Cybersecurity Products, Comcast Business. “With threat actors constantly innovating, organizations must stay vigilant to help protect their infrastructure from bad actors determined to cause financial and reputational damage.”

The report indicates that 2021 was another record year for DDoS attacks, as Comcast Business DDoS Mitigation Services successfully identified and helped defend 24,845 multi-vector attacks targeting Layers 3,4, and 7 simultaneously. Overall, 69 percent of Comcast Business customers experienced DDoS attacks, a 41 percent increase over 2020, while 55 percent were targets of mulit-vector attacks, as opposed to in 2020 where most customers experienced single vector attacks.

The data also shows that DDoS attackers were indiscriminate and persistent as no verticals were spared and everyone was fair game – from tow truck drivers to churches, government, utilities, IT companies, online gambling sites, and manufacturing operations. However, the healthcare and education sectors remain favorite targets.

Seventy-three percent of all multi-vector attacks targeted the education, finance, government and healthcare sectors, likely due to vulnerabilities brought on by the COVID-19 pandemic. Threat actors also used industry-specific seasonal trends and activities to guide attacks and maximize impact.

Attacks on education customers followed the cadence of a typical school year, starting strong in January before taking a significant dip over the summer when schools were out, while the financial sector experienced a 3X uptick in attacks during November and December compared to the rest of the year.