Most DDoS Attacks Originate from Fewer Than 50 Hosting Companies, Nokia Deepfield Finds

Research by network intelligence specialists at Nokia Deepfield shows that the majority of distributed denial-of-service (DDoS) attacks originate from fewer than 50 hosting companies.

The team analyzed a substantial sample of networks and traced the sources of most DDoS activity, looking at both frequency and traffic volume. Their analysis reveals a concentrated origin for the bulk of attacks, rather than a wide distribution across many providers.

Nokia Deepfield launched this research after observing that DDoS traffic rose by 40–50 percent following the COVID-19 lockdowns. Since that initial surge, the intensity, frequency, and sophistication of attacks have continued to escalate.

Daily peak DDoS volumes have reached new heights: the high-water mark climbed from approximately 1.5 Tbps in January 2020 to more than 3 Tbps by May 2021, representing a 100 percent increase in peak capacity.

As global reliance on resilient connectivity has grown, cybercriminals have increasingly exploited that dependence, driving a rise in DDoS campaigns and related malware activity that threaten access to services and content.

Dr. Craig Labovitz, CTO of Nokia Deepfield, emphasized the shared responsibility for addressing the threat:

“It is equally important for every participant in the network security ecosystem – end users, vendors, service providers, cloud builders, regulators, and governments – to understand the dangers DDoS poses to the availability of internet content, applications, and critical connectivity services.

With this knowledge and a community commitment to solving the DDoS problem, we can go a long way towards making our networks, services, and subscribers more secure.”

To counter these evolving threats, Nokia recently upgraded its Deepfield Defender solution. The enhancement enables scalable mitigation of volumetric DDoS attacks at the network edge, supporting mitigation at petabit-level capacity and allowing operators to absorb large-scale traffic surges without service disruption.

“We take a unique approach in leveraging the combined power of high-performance IP networks and big data analytics to protect the network on all fronts from all volumetric DDoS attacks, at petabit scale, without lifting a hand,” Dr. Labovitz added. The solution is designed to help network operators significantly improve the security and availability of their services for all customers.
