Number of cyberattacks on educational, health and municipal sites tripled in Q1 2020
The overall number of cyberattacks grew during the first three months of the year, with a significant spike in attacks on municipal and educational sites, according to the Kaspersky Q1 2020 DDoS attacks report.
This can be due to the fact that criminals are taking advantage of the lockdown, in a time when people are stuck at home and are heavily reliant on digital resources.
If members of the public have seen conflicting messages about the virus and what preventive measures can be taken, they may look at official sources of information for more assured guidance. With this in mind, DDos actors use this against users.
The coronavirus Covid-19 pandemic has caused learning, work and leisure to shift to the online landscape.
The increased demand in online resources was noted by cyberattackers, who conducted attacks on the most vital digital services or those that are growing in popularity. Earlier this year, the US government's Department of Health and Human Services, a group of hospitals in Paris, and servers of an online game were all targets of DDoS attacks.
Kaspersky’s Q1 2020 DDoS attacks report also revealed notable growth in attacks on educational resources and cities’ official websites. In Q1 2020, this number tripled compared to the same period in 2019.
In general, the total amount of DDoS attacks in Q1 2020 has increased as well. During this period, Kaspersky DDoS Protection detected and blocked double the amount of attacks than in Q4 2019, and 80% more in comparison with Q1 2019. The average duration of attacks also grew significantly.
“Outage of internet services can be especially challenging for businesses now, because this is often the only way to make goods and services available to their customers. In addition, widespread adoption of remote working opens new vectors for those responsible for carrying out DDoS attacks. Previously most attacks were conducted against the public-facing resources of companies. We now see that DDoS attacks target internal infrastructure elements, for example, corporate VPN gateways or email servers,” said Alexey Kiselev, Business Development Manager on the Kaspersky DDoS Protection team.
To help organisations protect themselves from DDoS attacks, they should conduct a fault tolerance analysis of the firm's infrastructure to identify weak nodes and increase their reliability.
It is also worth considering DDoS protection for non-public services.