Skip to main content

DDoS and password login attacks surged during pandemic

(Image credit: Image Credit: Sergey Nivens / Shutterstock)

It's well-documented that cyberattacks (opens in new tab) against both businesses and consumers increased substantially as the result of the Covid-19 pandemic.

However, fresh figures from F5 Labs have revealed a little more about the methods and priorities of cybercriminals.

An analysis of data gathered by the firm's Security Incident Response Team (SIRT) shows there has been a “significant spike” in DDoS and password login attacks since the start of the pandemic.

In March, incidents began to “rise sharply” and then reached a peak in April, during which month three times the usual number of attacks were recorded.

Businesses caught a breather in May and June, as the number of reported incidents began to fall back into “normal”. However, in July, the number of incidents was again up, this time to twice the level recorded in 2019.

Most of the attacks were split between two types: Distributed Denial of Service (DDoS) attacks and password login attacks, with the latter category encompassing brute force and credential stuffing.

In the first half of the year, almost half (45 percent) of SIRT reported incidents (opens in new tab) were DDoS attacks, while 43 percent were password login attacks. The remaining 12 percent were made up of malware, web attacks and other unclassified campaigns.

“Expect more turbulence on the horizon as Covid-19 continues to evolve and wield an economic impact,” said Raymond Pompon, Director of F5 Labs.

“This year’s holiday shopping season, for example, will be more online than ever and under intense fire from cybercriminals. One thing is clear: our rising usage and dependence on technology have also brought increased levels of already growing attack trends.”

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.