SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Record number of cyberattacks over Black Friday weekend
Fri, 3rd Dec 2021
FYI, this story is more than a year old

There were a record number of cyberattacks over Black Friday weekend, with companies facing a flood of DDoS attacks, according to new research from IT security provider, Link11.

The research shows that Black Friday weekend attracted bargain hunters to the Internet. It shows that cybercriminals also tried to take advantage of the opportunity.

According to the Link11 Security Operations Center analysis, cybercriminals targeted companies with DDoS attacks to damage them or extort bitcoin. However, this year's number of attacks was even higher than expected and set worrying records.

Ahead of Cyber Weekend, Action Fraud, the UK's national reporting centre for fraud and cybercrime, released a report warning online shoppers that over 28,000 people were conned out of their money in 2020. In total, more than 2.5 million were lost to cybercriminals during the same period last year, with an average loss of almost 550 per victim.

Black Friday and Cyber Monday, most affected by DDoS attacks

During the Black Friday and Cyber Monday weekend, LSOC recorded increased DDoS attack activity across its global network. However, attacks were particularly frequent on Black Friday and Cyber Monday. In this case, the increase in DDoS attacks compared to the previous year was over 200%. In addition to eCommerce providers, payment service providers and logistics companies, the attackers often targeted hosting and cloud providers and ISPs that provide the digital infrastructure for online business.

Record-breaking attack bandwidths

For applications, online services and networks that generally experience high load peaks, even relatively small DDoS attacks are enough to result in overload. To economise their resources, attackers therefore usually refrain from oversized attacks and choose their strikes to be as small as possible.

However, over the cyber weekend, LSOC recorded a bandwidth record of 1.1 Tbps. The attack volume of the botnet attack that targeted a hosting provider in Germany on Sunday was generated via a UDP flood alone. If the perpetrators had additionally used amplification techniques such as DNS or CLDAP reflection amplification, the attack volume would have been significantly higher again. The so-called amplification factor for these frequently used DDoS vectors is 54 for DNS and 70 for CLDAP.

Numerous hyper-attacks accompanied the record attack. Bandwidth peaks of over 100 Gbps were recorded in 20 other attacks over the cyber weekend.

"The figures from our network send a clear message," says Link11 vice president marketing, Rolf Gierhard.

"Instead of Cyber Weekend, it should be called Cybercrime Weekend," he says.

"DDoS attacks during seasonal shopping events are already the norm. Therefore, we cannot give the all-clear for the coming weeks of digital Christmas shopping."

Gierhard says it is best to invest in scalable, cloud-based protection solutions that can withstand attacks in the terabit range for online retailers who want to benefit from the sales peaks in a fail-safe manner.

"This keeps the focus on the core business, and the online store team isn't burdened with additional emergency measures."