The 3rd quarter of 2021 saw an unprecedented increase in DDoS (Distributed-Denial-of Service) attacks worldwide. While companies in the United States were the most targeted, attacks on companies in the UK and Canada also skyrocketed, making them the 2nd and 3rd most prone to DDoS, respectively. What rings the alarm bells is that attacks on computer software, IT systems and networks and Internet companies increased on average by a phenomenal 573% compared to the previous quarter.



DDoS attacks, sometimes referred to as Distributed Network Attacks, take advantage of network and server capacities and limitations. Put simply, network resources, such as web servers, can only cope with a finite number of simultaneous requests. Moreover, the capacity of the server is also restricted by a finite bandwidth to the Internet. A hacker executing DDoS sends multiple and automated requests to a website, thereby exceeding its capacity to handle the requests. This input-output overload will either inhibit the functionality of the website or cause it to fail completely.




To successfully accomplish a DDoS attack, cybercriminals use a Botnet Zombie Network to send an overwhelmingly large number of requests to the victim’s website. The Zombie Network is a network of computers that have been infected by the hacker and over which they have complete control. The sheer scale of the requests means that the attacked website is often rendered inoperable.




Meris, which means ‘plague’ in Latvian, was one of the most proliferated DDoS botnets in Q3 2021. The malware targeted a financial services company, that prefers to remain anonymous, with its HTTP website recording 17.2 million rps (requests per second). Meris has also targeted several other organizations and IT networks around the world. The Meris botnet infected routers and other networking equipment manufactured by the Latvian company MikroTik, exploiting unpatched devices to create a new botnet and launch malicious DDoS attacks.




As mentioned, computer software and tech companies topped the charts when it came to DDoS attacks between July and September this year. Coming in second was the online gaming and gambling industry, also a target of many other attacks such as ransomware, phishing and Man-in-the-Middle (MITM). Most of these attacks originated from servers in China, and almost one out of every 200 HTTP requests were from the Asian country. Attacks from the United States and India were also common, although those from the U.S. decreased by 40%.




The intensity of DDoS attacks means that that you need automated and always-on protection. Here are 5 mitigative tactics to eliminate or significantly reduce the outset of a DDoS attack:


  • increase your bandwidth to handle any spikes caused by cyberattacks
  • implement server-level DDos protection
  • plan ahead for potential attacks
  • use hybrid or cloud-based services
  • remind yourself that you are never too small to be DDoSed


With the last statement in mind, it’s worth noting that DDoS attacks can cost small businesses up to $120,000 each time, while enterprise-level attacks can cost as much as $2 million. Don’t run the risk. Zhero has over 20 years of experience delivering professional business IT services and solutions and are expert in cybersecurity and risk mitigation. Contact us now.