Content, Content

DDoS Attacks Target Healthcare, Education Markets, Research Finds

CDN – Content Delivery Network – Content Distribution Network – A Network of Proxy Server and Data Center Locations Distributed Throughout the World – 3D Illustration

The healthcare and education sectors remain favorite targets of multi-vector Distributed Denial of Service (DDoS) attackers, Comcast Business said in a new report.

The report found that overall multi-vector DDoS attacks targeting Layers 3, 4, and 7 simultaneously represent a 47 percent increase in 2021 from the record number set in 2020. Layer 3 attacks target the network layer, while layer 4 and 7 attacks aim at the transport layer or application layer processes.

Nearly three-quarters (73%) of all multi-vector attacks targeted the education, finance, government and healthcare sectors, Comast said in its 2021 Comcast Business DDoS Threat Report, largely attributing the concentration of attacks on those sectors to the pandemic.

Overall, 69 percent of Comcast Business customers experienced DDoS attacks, a 41 percent increase over 2020, while 55 percent were targets of multi-vector attacks, as opposed to 2020 when most customers experienced single vector attacks, the company said.

Attacks on education customers followed the pattern of a typical school year, starting strong in January before taking a significant dip over the summer when schools were out. By comparison, the financial sector experienced a 3X uptick in attacks during November and December as measured against the rest of the year.

“DDoS attacks, when they occur, can be costly and difficult to defend,” said Shena Seneca Tharnish, Comcast Business cybersecurity products vice president. “The risk of losing network, server and application availability is higher than ever. With threat actors constantly innovating, organizations must stay vigilant to help protect their infrastructure from bad actors determined to cause financial and reputational damage."

According to Comcast Business, its DDos Mitigation Services successfully identified and helped defend 24,845 multi-vector attacks targeting Layers 3,4, and 7 simultaneously.

Additional key findings from the report include:

  • Attacks on information technology customers grew steadily, ending the year at 10X the January numbers.
  • 98 percent of all multi-vector attacks were under 5 Gbps, as bad actors often strike at low volumes to avoid detection, degrade site performance and map out network vulnerabilities for reconnaissance.
  • 69 percent of all multi-vector attacks lasted under 10 minutes, as short duration attacks are harder to detect and give IT organizations less time to respond, quickly overwhelming defenses.
  • The number of vectors deployed in a single multi-vector attack increased from five to 15, while the number of amplification protocols used in multi-vector attacks increased from three to nine.
  • 99 percent of customers experienced repeat attacks, while the largest and most severe attack was delivered at a rate of 242 Gbps.
D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.