DDoS Defense: Trends & Predictions

By Peter Brecl - Director, Global Security Services at Lumen Technologies

Keeping up with the latest cybersecurity trends is a continuous journey—because no matter how vigilant a company is or how well they orchestrate their cyber defenses, bad actors are highly motivated to evolve their methods, find new vulnerabilities, and exploit them.


2021 was a busy year for cybersecurity, showcasing how quickly attack-method preferences can change, the seasonality of attack volume, and the continuing trend of increased threat complexity. Several high-profile cyberattacks even made front-page news, which is perhaps no surprise considering global weekly attacks per organization increased by 50% compared with 2020.*


Considering these trends, it’s crucial for companies to be well-informed of the ever-evolving cybersecurity landscape, so they can better prepare to identify and mitigate their vulnerabilities. Luckily, Lumen and its threat-intelligence arm Black Lotus Labs constantly monitor the cyber threat space to help protect businesses and keep the Internet clean. Check out some of our key cybersecurity takeaways from 2021 and our predictions for how attacks may evolve in the year ahead.


DDoS Trends


  1. Beware of Ransom DDoS: Hackers are looking to cash in on their activities, which is one of the reasons we saw more of a reliance on Ransom DDoS in 2021. From May through July, Ransom DDoS was the primary mode of attack for bad actors. And while most ransom notes called for bitcoin, some requested for payments to be made in Monero instead. Read our Q2 report for a deeper dive into Ransom DDoS activities.
  2. Voice providers are a prime target: In Q3 we observed many voice providers come under attack, as security isn’t traditionally inherent in voice over internet protocol (VoIP) solutions.
  3. Watch out for reflection attacks: Hackers use reflection-style attacks because they’re relatively easy to deploy and can generate very large attacks. Whether it’s CLDAP, NTP, DNS, SSDP, or other protocols susceptible to amplified reflection attacks, hackers rely on this vector category to cause significant damage. Read our Q3 report for an in-depth review of spoofed reflection attacks.


DDoS Predictions

  1. Spikes and lulls in Ransom DDoS: Lumen expects to see Ransom DDoS attacks used more seasonally this year. Dry periods will likely be followed by a flurry of activity—with attackers opting for a shock and awe campaign. Major attacks will also likely inspire copycat activity.
  2. More sophisticated multi-vector attacks: We already saw an increase in attack complexity throughout 2021, and that will continue throughout 2022. We expect to see the largest volumetric attack on record this year as botnets continue to grow in size and complexity. You can also expect growth in Layer 7 attacks, leading to the need for web application protection and bot management to protect new application-driven revenues.
  3. Increased nation-state activity due to political landscape in Eastern Europe: Given the political landscape in Eastern Europe, Lumen expects to see an increase in nation-state–sponsored attacks in 2022. As these attacks become more prevalent, and considering successful collaborative takedowns such as Emotet last year, we also anticipate that industry–government collaborations will bear more fruit in 2022. In addition, businesses and government entities should be prepared to defend against direct campaigns—including ransomware, DDoS and attacks against critical infrastructure—and collateral damage.


Black Lotus labs and Lumen will continue to do our part in keeping the Internet a safe place. Read Lumen’s Quarterly DDoS Report to learn about the latest threats and trends. Experiencing an active attack? Activate Lumen DDoS Hyper in minutes.



As a Lumen Channel Partner, you have access to many powerful sales and marketing resources that will help you grow your business with Lumen Connected Security Solutions.


For more information about Lumen Connected Security Solutions, contact your Lumen Channel Manager or email Partners@lumen.com.