Telia Carrier Notes 50 Percent Increase in DDoS Peak Attack Traffic

Telia Carrier published its 2021 DDoS Threat Landscape Report, noting a “staggering” 50 percent increase in peak attack traffic since 2019. This document analyzes Distributed Denial-of-Service data from the perspective of cyberthreats observed in traffic data from its AS1299 internet backbone.

Telia also revealed that attack traffic jumped to 1.18Tbps (Terabytes-per-second), or 887Mpps (Mega Packets-per-second).

The report provides an overall “snapshot” into Telia Carrier’s monitoring and mitigation efforts, revealing that the company wiped 57PB (petabytes) – or 14 tera packets – of malicious data in 2020 alone; average DDoS attack size was 19Gbps, or 23Mpps, with a mean duration of 10 minutes.

Other trends observed included greater instances of “high intensity attacks”; DNS (domain name system) and NTP (network time protocol) amplification attacks being the “most common” attack vectors in 2020; and overall peak activity logged during COVID-related lockdowns in the U.S. and Europe.

Telia Carrier also witnessed instances of “carpet bombing” – or larger, “coordinated attacks from multiple sources” on the “dynamically changing hosts” in a network – become more of a trend, instead of merely a “severe” outlier in “isolated” activities.

“Volume and frequency continues to increase,” said Telia Carrier head of Internet Services, Jorg Dekker. “Cyber criminals are using the huge bandwidth available across the Internet to target their victims with speed and ferocity from multiple launch points simultaneously. These dynamic and unpredictable attacks are precision planned and automated, so customers must fight fire with fire, by investing in auto-mitigation as they move away from static traffic inspection and mitigation.”