Skip to main content

DDoS and password login attacks surged during pandemic

(Image credit: Image Credit: Sergey Nivens / Shutterstock)

It's well-documented that cyberattacks against both businesses and consumers increased substantially as the result of the Covid-19 pandemic.

However, fresh figures from F5 Labs have revealed a little more about the methods and priorities of cybercriminals.

An analysis of data gathered by the firm's Security Incident Response Team (SIRT) shows there has been a “significant spike” in DDoS and password login attacks since the start of the pandemic.

In March, incidents began to “rise sharply” and then reached a peak in April, during which month three times the usual number of attacks were recorded.

Businesses caught a breather in May and June, as the number of reported incidents began to fall back into “normal”. However, in July, the number of incidents was again up, this time to twice the level recorded in 2019.

Most of the attacks were split between two types: Distributed Denial of Service (DDoS) attacks and password login attacks, with the latter category encompassing brute force and credential stuffing.

In the first half of the year, almost half (45 percent) of SIRT reported incidents were DDoS attacks, while 43 percent were password login attacks. The remaining 12 percent were made up of malware, web attacks and other unclassified campaigns.

“Expect more turbulence on the horizon as Covid-19 continues to evolve and wield an economic impact,” said Raymond Pompon, Director of F5 Labs.

“This year’s holiday shopping season, for example, will be more online than ever and under intense fire from cybercriminals. One thing is clear: our rising usage and dependence on technology have also brought increased levels of already growing attack trends.”