NETSCOUT: 7.9 Million DDoS Attacks Detected in 1H2023

    26/10/2023Arbor NetworksNetscoutNews
    NETSCOUT: 7.9 Million DDoS Attacks Detected in 1H2023

    In the first half of 2023, NETSCOUT documented a staggering 7.9 million DDoS attacks, marking a 31% increase compared to the previous year. This translates to 44,000 attacks daily, underscoring the growing threat posed by distributed denial-of-service (DDoS) campaigns worldwide.

    Key Trends in Global DDoS Activity

    The Impact of Geopolitical Events on DDoS Growth

    Global events such as the Russia-Ukraine war and NATO expansion fueled the rise in DDoS attacks. In 2022, Finland faced numerous attacks by pro-Russian hacktivists during its NATO membership bid. Similarly, Sweden became a target in 2023, culminating in a 500 Gbps DDoS assault in May. The report highlights how ideologically driven attacks targeted nations like the United States, Ukraine, Finland, Sweden, and Russia, among others.

    5G Deployment and Its Influence on Attack Patterns

    The transition to 5G fixed wireless access has amplified threats to wireless service providers. From late 2022 to early 2023, attacks against wireless providers increased dramatically:

    • 79% global growth in the second half of 2022.
    • 294% surge in the Asia-Pacific region during the first half of 2023.

    As broadband gaming users adopt 5G, attackers exploit vulnerabilities in newly deployed networks.

    Advanced DDoS Attack Tactics and Persistence

    NETSCOUT observed shifts in DDoS tactics, revealing a rise in:

    • Application-Layer HTTP/S Attacks: These have grown by nearly 500% since 2019, targeting specific services with precision.
    • DNS Amplification and Reflection: A 17% increase in DNS-based attacks was recorded in the first half of 2023.
    • “Carpet Bombing” Tactics: These attacks surged by 55%, averaging 724 incidents daily. This method overwhelms multiple hosts simultaneously, evading traditional bandwidth-threshold alerts.
    • Water Torture DNS Attacks: Such attacks saw a 353% increase, targeting industries like telecom, hosting, e-commerce, insurance, and public sectors.

    Persistent DDoS Sources: A Challenging Trend

    The report highlights that a relatively small number of nodes contribute disproportionately to DDoS activity. Attackers frequently reuse compromised infrastructure, with IP turnover averaging just 10%. This persistence complicates mitigation efforts, as attackers rely on bulletproof hosting and proxy networks.

    NETSCOUT’s Unique Approach to Understanding Threats

    NETSCOUT’s threat intelligence stems from its ATLAS Sensor Network, which spans hundreds of ISPs and monitors 424 Tbps of internet peering traffic globally. This vast dataset, coupled with decades of experience, allows NETSCOUT to identify and respond to emerging threats effectively.

    Insights from Richard Hummel, Threat Intelligence Leader

    • New Attack Lifecycles: Adversaries rapidly test and deploy novel attack vectors.
    • Proxy and Bulletproof Hosting: Attackers exploit specialized infrastructure to amplify attack longevity and impact.
    • Evolving Tactics: Techniques like DNS “water torture” and carpet bombing highlight the sophistication of modern campaigns.

    NETSCOUT and NWU: Empowering Cyber Defense in Ukraine

    NWU, NETSCOUT’s official distributor in Ukraine, introduced advanced anti-DDoS solutions to the local market. Through partnerships with NWU, Ukrainian businesses and government institutions gain access to:

    • Arbor Edge Defense (AED): A leading solution for blocking malicious traffic at the network edge.
    • NETSCOUT Platforms: Comprehensive tools for monitoring, detecting, and mitigating DDoS attacks.

    These solutions ensure resilience against cyber threats, preserving business continuity even in high-pressure environments.

    Why Choose NETSCOUT for DDoS Protection?

    Global Visibility and Threat Intelligence

    NETSCOUT monitors over 50% of global internet traffic, enabling real-time detection of emerging threats. Its ATLAS Intelligence Feed (AIF) ensures organizations stay ahead of adversaries with actionable insights.

    Comprehensive Mitigation Strategies

    From volumetric attacks to application-layer threats, NETSCOUT offers dynamic mitigation solutions tailored to modern attack methods. Proactive defenses minimize impact, preserving service availability.

    Expertise Across Industries

    Serving the world’s largest enterprises, service providers, and government sectors, NETSCOUT delivers scalable, reliable solutions for diverse cybersecurity needs.

    Conclusion

    As DDoS attacks grow in complexity, businesses need innovative solutions to maintain security and resilience. With its unparalleled expertise, cutting-edge tools, and trusted partnerships through NWU, NETSCOUT empowers organizations to counter modern cyber threats effectively.

    Explore NETSCOUT solutions with NWU to secure your operations against the ever-evolving DDoS threat landscape.