Skip to main content

Woburn, MA – February 16, 2021 –Kaspersky today released a new report, showing Kaspersky DDoS Prevention detected a 31% drop in attacks in Q4 2020, compared to the previous quarter. Researchers connect the drop to a growing interest in cryptocurrency mining.

As people spent more time online in 2020, researchers observed a corresponding spike in DDoS attacks. In the fourth quarter, attacks on educational institutions continued: several schools in Massachusetts and Laurentian University in Canada experienced incidents. Online gaming services also suffered DDoS attacks during the analyzed period.

However, the trend slowed in Q4, with only 10% more attacks than in Q4 2019. And compared to Q3 2020, the number of attacks fell by 31%, while Q3 2020 also saw a drop compared to Q2.

Experts suggest that a surge in cryptocurrency costs may have prompted cybercriminals to re-profile some botnets so that the C&C servers typically used in DDoS attacks could repurpose infected devices and use their computing power to mine cryptocurrencies instead.

This is supported further by KSN statistics[1]. Throughout 2019, as well as in the beginning of 2020, the number of cryptominers was dropping. However, starting in August 2020, the trend changed, with the amount of this form of malware increasing slightly and reaching a plateau in Q4.


“The DDoS attack market is currently affected by two opposite trends,” said Alexey Kiselev, business development manager on the Kaspersky DDoS Protection team. “On the one hand, people still highly rely on stable work of online resources, which can make DDoS attacks a common choice for malefactors. However, with a spike in cryptocurrency prices, it may be more profitable for them to infect some devices with miners. As a result, we see that the total number of DDoS attacks in Q4 remained quite stable. And we can predict that this trend will continue in 2021.”

To stay protected against DDoS attacks, Kaspersky experts offer the following recommendations:

  • Maintain web resource operations by assigning specialists who understand how to respond to DDoS attacks.
  • Validate third-party agreements and contact information, including those made with internet service providers. This helps teams quickly access agreements in case of an attack.
  • Implement professional solutions to safeguard your organization against DDoS attacks. For example, Kaspersky DDoS Protection combines Kaspersky’s extensive expertise in combating cyberthreats and the company’s unique in-house developments.

Read the full report on Securelist.

About Kaspersky

Kaspersky is a global cybersecurity company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 250,000 corporate clients protect what matters most to them. Learn more at

Media Contact

Sawyer Van Horn

(781) 503-1866

[1] Kaspersky Security Network (KSN) is a distributed infrastructure that works with various anti-malware protection components. The statistics consist of depersonalized metadata which is voluntarily provided by KSN participants among Kaspersky’s customers.

DDoS attacks decline as cryptomining rises in its place

Kaspersky Logo