DDoS Attacks Surpass 10-Million Mark for the First Time in 2020

For the first time since the dawn of the internet, the annual number of DDoS attacks has exceeded 10 million. Germany was the target of the largest EMEA-region attack.

The
ATLAS Security Engineering and Response Team (ASERT) of NETSCOUT
recorded 10,089,687 Distributed-Denial-of-Service (DDoS) attacks in 2020 – nearly 1.6 million more than the 8.5 million attacks observed in 2019. In Germany alone, 445,000 DDoS attacks were recorded last year, up from 162,000 in 2019. This included the largest EMEA-region attack ever observed, peaking at 586 Gbps.

Network services provider NETSCOUT has now distilled the most critical insights.

DDoS attacks surged globally during the first lockdown in early March, according to the report. Source: iStock / Anastasiia_New

Remote Work Environments & Lockdowns: A Cybercriminal’s Paradise

Cybercriminals exploited the shift from corporate networks – protected by enterprise-grade firewalls – to home-office setups secured only by consumer-grade networking devices. By more than doubling the number of readily available IoT-specific malware samples, attackers dramatically accelerated the pace of DDoS activity.

Monthly DDoS attacks consistently surpassed 800,000 starting with the March 2020 lockdown. May saw the highest volume, with 929,000 DDoS attacks. Cable and wireless broadband providers bore the brunt of these attacks. Other top targets included critical infrastructure sectors such as e-commerce, online learning, and healthcare.

Financial Services & Healthcare Under Siege

In mid-August, the threat actor Lazarus Bear Armada (LBA) launched a global, ongoing campaign of DDoS extortion attacks. According to ASERT, the campaign persists because victims failed to pay the original ransom demand. While LBA initially targeted financial services, cybercriminals quickly expanded their focus to major healthcare organizations – including firms involved in COVID-19 testing and vaccine development.

As the COVID-19 pandemic extends into 2021, threat actors will inevitably identify and exploit new attack vectors targeting vulnerabilities exposed by the global crisis. It is essential to continuously reassess the status quo of deployed security solutions – and adapt them proactively to evolving threats.

Key Facts

Damage Volume: Cybercrime causes over €8 trillion in global damages annually.

Skills Shortage: More than 3.5 million cybersecurity professionals are missing worldwide.

Frequently Asked Questions

What are the most common cyber threats facing businesses?

According to the BSI (Federal Office for Information Security) Situation Report, ransomware, phishing, DDoS attacks, and supply-chain compromises rank among the most frequent threats. German companies face additional regulatory risks – including GDPR and the upcoming NIS2 Directive.

How much should a company invest in cybersecurity?

Industry experts recommend allocating 10 to 15 percent of the IT budget to cybersecurity. According to Bitkom, German companies average 14 percent. Crucially, it’s not just the amount – but the strategic distribution across prevention, detection, and response – that matters.

Does every company need a CISO?

Not every organization requires a full-time Chief Information Security Officer – but every company must assign clear, board-level accountability for IT security. SMEs can leverage external or virtual CISOs (vCISOs). With NIS2, management accountability for cybersecurity becomes legally mandated.

Related Articles

• Home Office Security Gap: On the Trail of Cybercriminals
• secIT by Heise 2026: The Security Roadshow for Admins and IT Decision-Makers
• DsiN Annual Conference 2026: Digital Security in a Connected Society

More from the MBF Media Network

• More IT security trends at mybusinessfuture.com
• Cloud & infrastructure news at cloudmagazin.com

Header Image Source: Adobe Stock / profit_image

TL;DR

• For the first time since the internet’s inception, the annual number of DDoS attacks has surpassed the 10-million mark.
• According to the report, DDoS attacks surged globally during the first lockdown in early March.
• While the LBA campaign initially targeted financial services, the responsible cybercriminals soon broadened their focus to major healthcare enterprises – including firms involved in…
• The ATLAS Security Engineering and Response Team (ASERT) of NETSCOUT recorded 10,089,687 Distributed-Denial-of-Service (DDoS) attacks in 2020.

Fact: According to Mandiant, the average attacker dwell time inside a compromised network is 10 days.

Fact: Per the Allianz Risk Barometer 2025, cyberattacks are the top business risk worldwide.

About the author: Tobias Massow

More articles by Tobias Massow