A quick look at one cybersecurity firm’s Q4 DDoS attack trends explains why. Will more cyberattack surprises loom ahead this year?

How was the landscape for Distributed Denial of Service (DDoS) attacks in the last quarter of 2021?

According to one DDoS report, ransom DDoS attacks increased by 29% year-on-year and 175% quarter-on-quarter.

In the month of December alone, one in three respondents to the survey behind the DDoS report indicated they were being targeted/threatened by a ransom DDoS attack/attacker.

The report by Cloudfare was based on a survey of systems protected by its own cybersecurity products.

Some highlights of the report include:

  1. The top three target sectors for application-layer DDoS attacks were: manufacturing, business services and gambling/gaming
  2. Networks from China were responsible for the highest amount of attack traffic for the fourth year running. Networks from other Asian countries, including India, Thailand and Indonesia, were also ranked among the top 10 in attack traffic.
  3. Countries most heavily targeted by DDoS attacks were the US, Canada and Germany in the last  quarter of the year.
  4. The Log4j2 vulnerability (CVE-2021-44228) was also disclosed in December, and is arguably one of the most severe vulnerabilities on the Internet since both Heartbleed and Shellshock.
  5. Specifically in November, a persistent ransom DDoS campaign against VoIP providers was recorded around the world.
  6. Attacks originating from Moldova quadrupled in Q4 ’21 quarter-on-quarter, making it the country with the highest percentage of network-layer DDoS activity in Q4.
  7. Q4 2021 was the busiest quarter in 2021. Over 43% of all network-layer DDoS attacks took place in the fourth quarter of 2021.
  8. October was a relatively calmer month, while November—the month of the China Singles’ Day, the American Thanksgiving holiday, Black Friday, and Cyber Monday—the number of network-layer DDoS attacks nearly doubled.
  9. The number of observed attacks increased towards the final days of December as the world prepared to close out the year.

Overall, at least for the report’s user base, the total number of attacks in December alone was higher than all the attacks in Q2  2021 and almost equivalent to all attacks recorded in Q1 2021.