Skip to main content

Cloudflare reports a massive 175% increase in DDoS attacks

Cloudflare, a web infrastructure and security company, has just released a report titled “DDoS Attack Trends for Q4 2021.” According to Cloudflare, 2021 has been a particularly bad year in terms of DDoS attacks.

Ransom distributed denial of service (DDoS) attacks increased by over 175 percent quarter over quarter, highlighting the large scale of the problem described by Cloudflare.

DDoS report by Cloudflare.
Image source: Cloudflare Image used with permission by copyright holder

In its quarterly report, Cloudflare details the attacks that took place over the last part of 2021 and provides a summary of what happened during the first half of the year. It seems that 2021 was a bad year all around when it comes to DDoS campaigns.

The first half of the year saw massive ransomware attacks that affected parts of critical infrastructure all around the world, as well as a vulnerability in IT management software. This vulnerability targeted the public sector, credit unions, schools, and other essential services.

Things didn’t improve as the year went on. Cloudflare saw the rise of a new botnet called Meris during the second half of 2021. It appeared in mid-2021 and bombarded organizations all around the world with some of the biggest HTTP attacks ever recorded. This includes a 17.2 million requests-per-second (rps) attack that Cloudflare automatically intercepted.

The two last quarters of 2021 saw also the appearance of one of the most severe vulnerabilities ever recorded on the internet. The Log4j2 vulnerability was discovered in December and proved to be very dangerous — it allows an attacker to execute code on a remote server without requiring physical access.

In the latter portion of the report, Cloudflare talks about the rising trend of DDoS attacks that are demonstrative of how much cyber insecurity has increased in 2021. The numbers certainly prove a point: In the fourth quarter of 2021, ransom DDoS attacks increased by 29% year over year and 175% quarter over quarter. Just in the month of December, one out of every three survey respondents reported that they were the target of a ransom DDoS attack or were threatened by the attacker.

DDoS report by Cloudflare.
Image source: Cloudflare Image used with permission by copyright holder

Cloudflare also noted an increase in application-layer DDoS attacks, where the manufacturing industry was hit the hardest during the last quarter of the year. Cloudflare reported a tremendous increase in the number of attacks of 641% quarter over quarter. Aside from the manufacturing sector, the attacks were mostly centered around business services, gaming, and gambling industries.

When it comes to network-layer DDoS campaigns, the latter portion of 2021 was, again, the busiest, with December being the worst month. The combined attacks observed in the first and second quarters of 2021 were still less than the ones that took place in December alone. November saw the rise of ransom campaigns made against voice over internet protocol (VoIP) providers.

Cloudflare states that the majority of the attacks were small, but they grew in strength as the year went on, resulting in dozens of attacks over 1Tbps that were mitigated by Cloudflare, one of which peaked at just under 2Tbps. The majority of the attacks originated from China, although the fourth quarter saw a rise in attacks from Moldova. Campaigns from that country quadrupled quarter over quarter.

As cybersecurity continues to be a target of attacks, it’s more important than ever for businesses and individuals alike to stay safe and fortify their systems. Cloudflare stated that it aims to make it easy and free for organizations of all sizes to stay protected against all kinds of DDoS attacks.

Monica J. White
Monica is a UK-based freelance writer and self-proclaimed geek. A firm believer in the "PC building is just like expensive…
Hackers just launched the largest HTTPS DDoS attack in history
A depiction of a hacker breaking into a system via the use of code.

The largest ​​HTTPS distributed denial-of-service (DDoS) attack in history materialized last week, Cloudflare has confirmed.

Cloudflare, which specializes in DDoS mitigation, announced that it successfully prevented the record-breaking onslaught before it could inflict any real damage.

Read more
Cloudflare just stopped one of the largest DDoS attacks ever
Hands on a laptop.

Cloudflare, a company that specializes in web security and distributed denial of service (DDoS) attack mitigation, just reported that it managed to stop an attack of an unprecedented scale.

The HTTPS DDoS attack was one of the largest such attacks ever recorded, and it came from unusual sources -- data centers.

Read more
Microsoft stopped the largest DDoS attack ever reported
Nvidia T4 Enterprise Server Wall

Distributed Denial-of-Service (DDoS) attacks have become more common, and Microsoft recently published a blog post looking into the trends for such attacks on its own servers. In that post, the company says that, at one point, it stopped one of the largest-ever-recorded DDoS attacks on a Microsoft Azure server in Asia.

According to Microsoft's data, in November, an unnamed Azure customer in Asia was targeted with a DDoS attack with a throughput of 3.47 Tbps and a packet rate of 340 million packets per second (pps.) The attack came from 10,000 sources from multiple countries across the globe, including China, South Korea, Russia, Iran, and Taiwan. The attack itself lasted 15 minutes. Yet it is not the first one of such scale, as there were two additional attacks, one of 3.25 Tbps and another of 2.55 Tbps in December in Asia.

Read more