Skip to main content

Woburn, MA –May 6, 2020 — The Kaspersky Q1 2020 DDoS attacks report has revealed the overall number of DDoS attacks grew during the first three months of this year, with a significant spike in attacks on educational and municipal sites. Research experts attribute this growth to the COVID-19 pandemic as a majority of people are working from home and heavily reliant on digital resources.

The ongoing healthcare pandemic has caused almost all activities to shift online, and cyber attackers have taken notice. They have leveraged the increased demand in online resources to conduct attacks on the most vital digital services as well as those that are growing in popularity. For instance, the US government's Department of Health and Human Services, a group of hospitals in Paris and servers of an online game were all targets of DDoS attacks in February and March.

Kaspersky’s Q1 2020 DDoS attacks report also revealed notable growth in attacks on educational resources and official municipal websites. In Q1 2020, this number tripled compared to the same period in 2019, and the share of such attacks amounted to 19% of the total number of incidents in Q1 2020.

In general, the total amount of DDoS attacks in Q1 2020 has increased. During this period, Kaspersky DDoS Protection detected and blocked double the amount of attacks than in Q4 2019, and 80% more in comparison with Q1 2019. The average duration of attacks also grew with Q1 2020 DDoS attacks lasting 25% longer than in Q1 2019.


“Outage of internet services can be especially challenging for businesses now, because this is often the only way to make goods and services available to their customers,” said Alexey Kiselev, business development manager for Kaspersky DDoS Protection. “In addition, widespread adoption of remote working opens new vectors for those responsible for carrying out DDoS attacks. Previously most attacks were conducted against the public-facing resources of companies. We now see that DDoS attacks target internal infrastructure elements, for example, corporate VPN gateways or email servers.”

To help organizations protect themselves from DDoS attacks during this spike of activity while staff work from home, Kaspersky recommends taking the following measures:

  1. Do not panic. Unexpected traffic peaks may look like a DDoS attack, but these instances can be caused by legitimate users. They can visit resources which were not as popular before at times they were not previously accessing them.
  2. Conduct a fault tolerance analysis of your infrastructure to identify weak nodes and increase their reliability. Attack vectors and traffic peaks are changing, so some resources may work unstably.
  3. Consider DDoS protection for your non-public services. Their importance to business continuity may increase, making them a target for malefactors.

To access the full Q1 2020 DDoS report, please visit Securelist.

About Kaspersky

Kaspersky is a global cybersecurity company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at

Media Contact

Cassandra Faro

DDoS during the COVID-19 pandemic: attacks on educational and municipal websites tripled in Q1 2020

Kaspersky Logo