A single telecom accounted for 20% of DDoS attacks in Q1, Lumen finds

Telecommunications companies continued to be a key target for distributed denial of service (DDoS) attacks in Q1 2022, as the number of attacks jumped 32% year on year, a new Lumen report showed. Of the top 500 largest attacks, the telecom industry accounted for a whopping 76%. That compares to just 9% of the biggest attacks in Q1 2021.

All told, the telecom industry fielded 1,487 attacks in the recent quarter, according to Lumen’s Quarterly DDoS Report. The largest bandwidth attack hit 775 Gbps and the largest packet-based threat reached 70 Mpps. Lumen said the former was the largest bandwidth attack ever to come through its scrubbing center. The longest attack lasted for four days, and just over two-thirds of incidents were multi-vector attacks.

Mark Dehus, director of threat intelligence for Lumen Black Lotus Labs, told Fierce the growing size of both the bandwidth and packet attacks is significant because such threats affect the network in different ways.

“Bandwidth per second can just overwhelm and flood a particular link or connection, especially if done in a certain way, such that nothing else can make it through that pipe,” he explained. “Instead of saturating the actual bandwidth that can be transmitted through the pipe, with packets per second you can overwhelm the gear that’s doing the processing itself.” That includes things like CPUs and routers and other equipment tasked with helping maintain a firewall, he said.

“So, the continued growth we’re seeing on both fronts is alarming and concerning,” he added.

Interestingly, Lumen noted a single unnamed company accounted for the vast majority – over 1,300 – of the attacks in the telecom sector and 20% of the total number of threats it scrubbed in the quarter. Lumen pointed out, though, “This doesn’t mean that the target was specifically the telecommunications company, as there could be multiple targets within their customer base.”

Dehus declined to share additional information about the company, such as whether it was a fixed or wireless telecom operator.

Other verticals facing a significant proportion of attacks were the Gaming and Software and Technology industries. Gaming accounted for 9% of the largest attacks and faced 167 overall, with 80% of threats coming as multi-vector attacks. The Software and Technology segment saw 419 attacks in the quarter and represented 8% of the largest attacks, though 68% were single-vector threats.

On average across all verticals, Lumen said it blocked 70 attacks daily in Q1 2022. The overall number of attacks hit 6,162, a figure which was up 32% year on year and 63% sequentially.