Network-Layer DDoS Attack Trends for Q1 2020

During Q1 2020, there was a significant increase in Internet traffic due to global shelter-in-place orders, leading to a surge in DDoS attacks. Most of these attacks were relatively small, with 92% under 10 Gbps and lasting between 30 to 60 minutes. The rise of smaller, shorter attacks can be attributed to the availability of cheap, easy-to-use tools for launching DDoS attacks. Despite this trend, larger attacks still persist, with the largest attack in Q1 peaking at over 550 Gbps. Persistent attackers have also increased their efforts during the pandemic, targeting a single Cloudflare IP address with as many as 311 attacks per day. The top DDoS attack vectors in Q1 were SYN (60.1%), ACK (12.4%), and CLDAP (5.3%). To combat these shifting trends, Cloudflare offers a comprehensive and adaptive DDoS protection solution that can mitigate attacks quickly and at scale.