DDoS Pandemic: How The Corona Crisis Spurred Some of the Biggest DDoS Attacks

And Why You Should Care

By Ramil Khantimirov, CEO and co-founder of StormWall

Do you remember when last time, when you were watching a movie or browsing your favorite e-commerce site and the thing suddenly stopped loading? And that page refresh indicator at the top-right of the screen just kept endlessly spinning, yet, you had the perfect 5 bars of connection?

Let’s be frank, being connected to the Internet and yet not being able to access a website is extraordinarily aggravating.

Well, chances are, you had this experience because the website you were trying to access fell victim to a DDoS attack. If your website isn’t protected, your visitors are likely to experience the same.

What’s more, while DDoS creates bad enough situations for the user, the impact on a business is far more significant. Website downtime means the company isn’t making money and losses can quickly soar into millions.

Understanding the threat

To understand what a Distributed Denial of Service attack or DDoS for short, we first need to understand the basics of how the Internet works. Now, if you are tech-savvy, feel free to skip this section. But for everyone else, here is a concise explanation.

Every single website on the Internet is physically hosted on a server. Usually, a server is specifically configured as a computer that hosts or holds information for one or multiple websites.

It’s important to understand that a browser, like Chrome, Safari, or Firefox, is not where the website “lives.” The browser is just a piece of software that renders the website content and displays it to the user in human-readable form.

But before it can do that, the browser needs to fetch the information from the server. The way the browser receives information is with something called an HTTP request. Essentially, the browser says:

– Hey, server, send me that article about DDoS attacks.

And the server replies with something along the lines of:

– Ok, sure, here’s your article — and sends information to the server over a network protocol. 

This incoming information is called a response.

You can imagine the whole Internet like a series of requests and responses, constantly exchanging information between billions of browsers and servers.

Now, just for a second, imagine that every request and response is a car that is carrying information via an imaginary traffic-route. Connection type, network speed, server configuration, and even signal strength all play a role in the amount of traffic that route can accommodate.

Some routes are like interstate highways, while others are more like country double-track gravel roads. But, of course, even a 16 lane highway can accommodate only so-many cars at a time.

Usually, that is not a problem because most popular websites are served by the widest routes, while smaller platforms scarcely receive enough traffic to create a jam.

Until a DDoS Attack Comes Along

DDoS attacks use networks of malware-infected devices, called botnets, to generate millions of fake requests, clogging the network and halting the website to a crawl. Essentially they create a “traffic jam”.

That’s why that annoying spinning page-load indicator keeps on turning as if the site is about to load. But it never happens, and the server can’t even serve a user-friendly error message to ask the customer to come back later. The website becomes totally unresponsive.

DDoS Attacks are on the Rise During the Pandemic

Based on multiple sources, the number of DDoS attacks in the first half of 2020 grew nearly 100% compared to the same period in 2019. But it’s not just the frequency of attacks that are growing. So is the scale.

For example, Neustar’s Security Operations center observed one of the largest DDoS attacks in the first half of 2020. The enormous botnet was sending 1.17 terabits of traffic per-second over five days and 18 hours to an unnamed victim. To make the scale clearer, 1 terabit roughly equals 125 gigabytes. That’s about half the storage of an entry-level MacBook Pro, being sent to a website every second.

The largest DDoS attack ever recorded also took place in 2020, February 2020, to be more precise. That’s when Amazon Web Services reported that they mitigated a mind-boggling 2.2 terabit attack that would have reportedly rendered thousands of their hosted clients unusable for an unknown period of time.

The rising scale and severity of attacks showcases an alarming trend. Some experts believe that the total number of DDoS attacks per year, which already cloaked 10 million in 2020, will rise to 12 million in 2021 and nearly 14 million in 2022.

The worrying statistics are directly related to another pandemic — the Corona one. With more and more people working from home, using delivery services, and just generally spending time online, cybercriminals get more targets — and reasons — to cause online mayhem.

Businesses Need to Get Protection Now

Unfortunately, the online industry is still largely unarmed against DDoS. While huge tech-companies are mostly well-protected, medium and small businesses often neglect DDoS protection until the moment they are hit by an attack.

Unless companies begin to act in advance, cybercriminals will continue to find victims, and the trend will persist.

It’s not all gloom and doom, though. Just like a vaccine protects against the Coronavirus, setting up DDoS protection almost guarantees that the company’s web infrastructure will mitigate an account. The good news is that getting protection is simple. There are online services like StormWall that specialize in DDoS protection and work on a subscription basis, with highly-trained staff ready to take you through the integration process in mere minutes.