DDoS Attacks on the Rise: A Growing Threat in an Evolving Landscape
Introduction
In the first half of 2023, approximately 7.9 million Distributed Denial of Service (DDoS) attacks were launched globally, marking a 31% increase compared to the previous year. This surge in cyberattacks is a cause for concern, especially in light of recent global events such as the Russia-Ukraine war and NATO bids. Cybersecurity company NETSCOUT SYSTEMS, INC. has released its 1H2023 DDoS Threat Intelligence Report, shedding light on the evolving threat landscape and providing key insights into the trends and tactics employed by cybercriminals.
The Role of Ideological Motivation
One notable aspect of the report is the targeting of countries involved in geopolitical events. Finland, during its bid to join NATO, came under attack from pro-Russian hacktivists in 2022. Turkey and Hungary were also targets of cyberattacks for opposing Finland’s bid. In 2023, Sweden faced a similar onslaught during its NATO bid, including a massive 500 Gbps DDoS attack in May. These attacks demonstrate how ideologically motivated cyberattacks have become increasingly prevalent, targeting countries such as the United States, Ukraine, Finland, Sweden, Russia, and others.
Implications and Concerns
Global Telecommunications Providers under Attack
The report identifies a concerning trend in DDoS attacks targeting wireless telecommunications providers. In the second half of 2022, such attacks increased by 79% globally, and this trend continued in the Asia-Pacific region in the first half of 2023, with a staggering 294% increase. This rise in attacks can be attributed to the growing number of broadband gaming users shifting their activities to 5G fixed wireless access as providers roll out their networks. The increased reliance on wireless connectivity makes these providers prime targets for cybercriminals.
Advancements in Attack Vectors
With the growing sophistication of cybercriminals, NETSCOUT’s report highlights key insights into the changing nature of DDoS attacks. The company’s observations reveal a nearly 500% growth in HTTP/S application layer attacks since 2019 and a 17% growth in DNS reflection/amplification volumes during the first half of 2023. These statistics underscore the need for continuous improvement in defensive strategies and the development of robust cybersecurity measures.
The Dynamic Approach of Adversaries
Infrastructure and Attack Persistence
Adversaries are adapting and evolving their methods to launch more dynamic DDoS attacks. They are increasingly exploiting bespoke infrastructure, including bulletproof hosts or proxy networks, to carry out their attacks. NETSCOUT’s report highlights the persistence of adversaries, with only a small number of nodes responsible for a disproportionate number of DDoS attacks. These attackers tend to re-use abusable infrastructures, resulting in an average IP address churn rate of just 10%. This persistence allows them to rotate through different lists of abusable infrastructure every few days and continue their destructive activities.
New Attack Strategies: Carpet-Bombing and DNS Water-Torture
The report draws attention to two emerging attack strategies. Carpet-bombing attacks, which involve spreading attacks across numerous hosts simultaneously, have witnessed a 55% increase since the beginning of the year, with more than 724 daily attacks recorded. These attacks can cause significant harm to global internet infrastructure, and they often bypass the traditional high-bandwidth threshold alerts that trigger DDoS attack mitigation.
DNS water-torture attacks, on the other hand, have experienced a surge of nearly 353% in daily attacks since the start of 2023. The top five industries targeted by these attacks include wired telecom, wireless telecom, data processing hosting, electronic shopping and mail-order companies, and insurance agencies and brokerages. These tactics demonstrate the constant innovation and persistence of cybercriminals in finding new methods of attack.
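The carpet-bombing behaviour described above can be seen in a small detection sketch: an alert keyed on per-host bandwidth stays silent, while the same traffic aggregated by destination prefix stands out. This is an added example, not code from NETSCOUT or its report; the thresholds, the /24 grouping, the function names and the traffic records are all assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Assumed thresholds for illustration; real values depend on the network.
HOST_THRESHOLD_BPS = 1_000_000_000    # per-host alert: 1 Gbps
PREFIX_THRESHOLD_BPS = 5_000_000_000  # per-prefix aggregate alert: 5 Gbps
MIN_HOSTS = 50                        # distinct targets needed to call it "spread"


def build_sample():
    """Constructed one-interval summary: (destination IP, bits per second)."""
    records = []
    # Carpet bomb: 200 hosts in one /24, 40 Mbps each (8 Gbps in total).
    records += [(f"203.0.113.{i}", 40_000_000) for i in range(1, 201)]
    # Classic volumetric flood against a single host.
    records.append(("198.51.100.7", 2_000_000_000))
    # Ordinary background traffic.
    records += [(f"192.0.2.{i}", 5_000_000) for i in range(1, 11)]
    return records


def per_host_alerts(records, threshold=HOST_THRESHOLD_BPS):
    """Traditional check: alert on any single destination over the threshold."""
    totals = defaultdict(int)
    for dst, bps in records:
        totals[dst] += bps
    return sorted(ip for ip, bps in totals.items() if bps >= threshold)


def prefix_alerts(records, prefix_len=24, threshold=PREFIX_THRESHOLD_BPS,
                  min_hosts=MIN_HOSTS):
    """Aggregate by destination prefix; alert on high volume across many hosts."""
    agg = defaultdict(lambda: {"bps": 0, "hosts": set()})
    for dst, bps in records:
        net = ipaddress.ip_network(f"{dst}/{prefix_len}", strict=False)
        agg[net]["bps"] += bps
        agg[net]["hosts"].add(dst)
    return {
        str(net): (v["bps"], len(v["hosts"]))
        for net, v in agg.items()
        if v["bps"] >= threshold and len(v["hosts"]) >= min_hosts
    }


if __name__ == "__main__":
    sample = build_sample()
    print("per-host alerts:", per_host_alerts(sample))
    print("prefix alerts:  ", prefix_alerts(sample))
```

The per-host check flags only the single-target flood; the 8 Gbps spread across the /24 is visible only to the prefix-level check.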
Editorial and Advice
The increasing frequency and complexity of DDoS attacks necessitate strong and adaptive cybersecurity measures. It is essential for governments, organizations, and individuals to prioritize internet security and take proactive steps to safeguard against these threats.
Collaboration between Public and Private Sector
The battle against cybercrime requires collaboration between governments, cybersecurity companies, and internet service providers. Sharing threat intelligence and pooling resources can lead to a more robust defense against DDoS attacks.
Investing in Up-to-Date Defenses
Organizations must invest in state-of-the-art cybersecurity technologies and solutions that can adapt to evolving attack vectors. Regular updates, patches, and security audits are crucial to maintaining strong defenses against the ever-changing landscape of cyber threats.
Education and Training
Educating individuals and organizations about the risks of cyber threats and providing training on best practices for internet security is essential. Awareness and understanding of potential vulnerabilities can help prevent successful attacks and minimize their impact.
Conclusion
As the threat landscape evolves, the global community must remain vigilant and proactive in addressing the growing threat of DDoS attacks. The findings of NETSCOUT’s 1H2023 DDoS Threat Intelligence Report highlight the need for strong defenses, collaborative efforts, and continuous improvement in internet security. By staying ahead of cybercriminals and investing in robust cybersecurity measures, we can strive to protect the connected world from the disruptions caused by such malicious activities.