Skip to content

Lumen scrubbed more than 20,000 enterprise DDoS attacks in 2021

PTC Member News

Lumen scrubbed more than 20,000 enterprise DDoS attacks in 2021 
Latest DDoS Report reveals recent trends in DDoS attacks, plus predictions for 2022 

DENVER, Feb. 17, 2022 Lumen Technologies (NYSE: LUMN) continues to track Distributed Denial of Service (DDoS) attacks around the world, and today the company released a report that details the DDoS statistics and trends seen in the fourth quarter and full-year 2021. 

Speed Read: 

• In 2021, the three most attacked verticals were Telecommunications, Software and Technology, and Government. This is likely due to the level of disruption – and any potential financial gain – that these types of attacks can generate. 

• In Q4 2021, there was an increase in the number of unique Command and Control (C2) servers tracked for the pervasive DDoS botnets Gafgyt and Mirai, indicating that actors continue to manipulate their code to keep these botnets thriving. 

• Voice providers became a target later in the year, and malicious actors could view this early success as an opportunity for future attacks. 

• Financial gain is a significant motivator for attackers, and there were spikes in the use of ransom DDoS attacks throughout the year. This trend is expected to continue into 2022 and beyond. 

Reflection-style attacks continue to be widely used – likely because they require relatively little effort to generate large attacks. 

Read the full report here: 

“Reflection vectors continue to have a significant impact on businesses worldwide,” said Mark Dehus, director of information security for Black Lotus Labs, the threat research arm of Lumen Technologies. “This trend will likely continue in the coming years. It will take an industry-wide, collaborative effort to help mitigate sources of reflection. In addition, DDoS botnets will persist, and given the recent targeting of voice services, VoIP providers should ensure their security strategies address the risk going forward.” 

Dehus continued, “At Black Lotus Labs, we continue to do our part to track and mitigate botnets at their core. We strongly encourage business to understand and monitor their public attack surface to avoid having their resources abused and leveraged to launch attacks. We also encourage businesses to have a DDoS mitigation service in place to help minimize the impact of any future attacks. 

Additional Resources: 

• To read previous DDoS reports, visit the archive

• Take a deeper dive into reflection attacks by reading our blog: Tracking UDP Reflectors for a Safer Internet

• Learn more about Lumen DDoS Mitigation and Application Security Services, and the on-demand or always-on services of DDoS Hyper

• Find out how threat intelligence from Black Lotus Labs helps keep the internet clean. 

About Lumen Technologies and the People of Lumen: 

Lumen is guided by our belief that humanity is at its best when technology advances the way we live and work. With approximately 450,000 route fiber miles and serving customers in more than 60 countries, we deliver the fastest, most secure platform for applications and data to help businesses, government and communities deliver amazing experiences. Learn more about the Lumen network, edge cloud, security, communication and collaboration solutions and our purpose to further human progress through technology at, LinkedIn: /lumentechnologies, Twitter: @lumentechco, Facebook: /lumentechnologies, Instagram: @lumentechnologies and YouTube: /lumentechnologies. Lumen and Lumen Technologies are registered trademarks in the United States. 

Media Contact: 
Suzanne K. Dawe 
Lumen Public Relations 
P: 720.217.5476