DDoS Attacks on the Rise, but Education Networks Largely Spared

In the first half of 2021, dedicated denial of service (DDoS) attacks were up by double digits. But somehow schools, colleges and universities, despite being favorite targets for ransomware and various other forms of malware, have been by and large overlooked — even as DDoS becomes a companion tool in ransomware incidents.

According to a report released this week by network security company NetSCOUT, everything about DDoS attacks increased in the first half of the year:

  • The total number of attacks increased to 5.35 million, up 11 percent  over the same period last year;

  • The average duration increased to 50 minutes, up 31 percent;

  • The largest attack in terms of bandwidth was 1.5 Tbps (against a German ISP), up 169 percent over the largest attack in the first half of last year; and

  • The fastest attack was 675 Mpps (million packets per second), targeted at a Brazilian broadband user and likely related to online gaming, up 16.17 percent.

In total there were four terabit-class DDoS attacks (none of them against a target in the United States).

According to the report, DDoS is increasingly being used as part of ransomware (as well as stand-alone extortion) campaigns, with actors using encryption and data theft, then adding more pressure on the IT/security organization through DDoS.

Amid all of this, however, the report noted that education didn't even crack the top 10 as a target. In addition, education (including both K–12 and higher ed) made up less than a third of a percentage point of all bottled nodes (defined as "devices/systems that have been compromised by malicious bot software") used in DDoS attacks in the first half of the year (0.3 percent), well behind businesses (at 4.47 percent), hosting services (8.45 percent), mobile (11.57 percent) and ISP (75.22 percent).

According to the report: "This is probably due to more stringent control over what devices are allowed on the network in these institutions. The top three source network profiles were ISP, mobile, and hosting, where device control is nearly nonexistent. That lack of control means that those ISP and mobile numbers really represent compromised subscribers."

The complete report, the NetSCOUT Threat Intelligence Report 1H 2021, which includes many additional statistics, best practices and further explanations of attack vectors and operating systems, can be found on NetSCOUT's site and is available in both interactive versions and static PDFs.

About the Author

David Nagel is the former editorial director of 1105 Media's Education Group and editor-in-chief of THE Journal, STEAM Universe, and Spaces4Learning. A 30-year publishing veteran, Nagel has led or contributed to dozens of technology, art, marketing, media, and business publications.

He can be reached at [email protected]. You can also connect with him on LinkedIn at https://www.linkedin.com/in/davidrnagel/ .


Featured

  • Abstract AI symbols, including neural network diagrams and circuit-like patterns, blending seamlessly with a blue sky filled with soft white clouds

    UC Berkeley Announces Sky-T1-32B Open Source AI Model, Offering High Performance at a Fraction of the Cost

    UC Berkeley researchers have introduced Sky-T1-32B, an open source, reasoning-focused language model that delivers high performance at an unprecedented cost of under $450 for training.

  • glowing digital brain made of blue circuitry hovers above multiple stylized clouds of interconnected network nodes against a dark, futuristic background

    Report: 85% of Organizations Are Using Some Form of AI

    Eighty-five percent of organizations today are leveraging some form of AI, according to the latest State of AI in the Cloud 2025 report from Wiz. While AI's role in innovation and disruption continues to expand, security vulnerabilities and governance challenges remain pressing concerns.

  • AI robot with cybersecurity symbol on its chest

    Microsoft Adds New Agentic AI Tools to Security Copilot

    Microsoft has announced a major expansion of its AI-powered cybersecurity platform, introducing a suite of autonomous agents to help organizations counter rising threats and manage the growing complexity of cloud and AI security.

  • The AI Show

    Register for Free to Attend the World's Greatest Show for All Things AI in EDU

    The AI Show @ ASU+GSV, held April 5–7, 2025, at the San Diego Convention Center, is a free event designed to help educators, students, and parents navigate AI's role in education. Featuring hands-on workshops, AI-powered networking, live demos from 125+ EdTech exhibitors, and keynote speakers like Colin Kaepernick and Stevie Van Zandt, the event offers practical insights into AI-driven teaching, learning, and career opportunities. Attendees will gain actionable strategies to integrate AI into classrooms while exploring innovations that promote equity, accessibility, and student success.