close
close

Geopolitical unrest leads to an onslaught of DDOS attacks – Intelligent CIO Africa

Hacktivist groups are increasing their activity worldwide as DNA water torture increases contributed to more than seven million DDoS attacks in the second half of 2023.

NETSCOUT SYSTEMS has published results from its 2H2023 DDoS Threat Intelligence Report It analyzes trends and attack methods that adversaries use against service providers, enterprises and end users.

The information cited in the report comes from NETSCOUT’s unparalleled global Internet visibility, which collects, analyzes, prioritizes and disseminates DDoS attack data from 214 countries and territories, 456 verticals and more than 13,000 Autonomous System Numbers (ASNs). .

Driven by tech-savvy and politically motivated hacktivist groups and an increase in DNS water torture attacks, NETSCOUT observed more than seven million DDoS attacks in the second half of 2023, a 15% increase over the first half.

Hacktivism is increasing tenfold

Distributed denial-of-service (DDoS) hacktivism has transcended geographic boundaries over the past year, exemplifying a shift in the global security landscape. Groups like NoName057(016) and Anonymous Sudan, as well as individual hackers and small collectives, are increasingly using DDoS to attack those who are ideologically hostile to them, for example:

  • Peru experienced a 30 percent increase in attacks linked to protests against the release of former Peruvian President Fujimori from prison on December 6.
  • Poland experienced a spike in attacks related to regime change and statements reaffirming Poland’s support for Ukraine in the Russia-Ukraine conflict in late 2023.
  • Anonymous Sudan attacked X (formerly Twitter) to influence Elon Musk regarding the Starlink service in Sudan and attacked Telegram for blocking its main channel.

NoName057(016), Anonymous Sudan and Killnet are responsible for DDoS attacks in Ukraine, Russia, Israel and Palestine that targeted communications infrastructure, hospitals and banks. Daily hacktivist attacks increased more than tenfold between the first and second half of 2023. NoName057(016) topped the list of DDoS attackers in 2023, targeting 780 websites in 35 countries.

Water torture attacks are becoming more and more common

Since late 2019, Domain Name System (DNS) water torture attacks have been on the rise, targeting critical systems at the heart of the Internet’s control plane. DNS query floods aimed at overwhelming authoritative DNS servers saw a massive 553% increase from 1H2020 to 2H2023. Instead of targeting a website or server, attackers attack entire systems, causing even greater damage.

Gaming and gambling in sight

NETSCOUT’s findings suggest that gaming – and related gambling – is a prime target for DDoS attacks. Threat actors are attracted by the significant financial value of the sector and the goal of disrupting competition, particularly in online esports tournaments. Historically, 80-90% of all DDoS attacks are related to gaming and gambling. NETSCOUT assessed attacks on companies in these sectors and found that more than 100,000 DDoS attacks were carried out against companies in the gaming sector and over 20,500 against companies related to gambling in 2023.

Additionally, based on NETSCOUT’s observations of the DDoS threat landscape, approximately 1% of DDoS attacks are suppressed by originating networks.

“Global attackers have become more sophisticated over the past year, attacking websites and overloading servers to lock out customers and wreak digital havoc to influence geopolitical issues,” said Richard Hummel, senior threat intelligence lead at NETSCOUT.

“The relentless tide of DDoS threats is driving up costs and leading to security fatigue among network operators. They cannot protect their digital assets without the right, advanced DDoS protection that leverages real-time, predictive threat intelligence.”

Decades of experience working with the world’s largest service providers and companies give NETSCOUT extensive insight into the global Internet to understand the pulse of the digital world. Our ability to monitor and respond to DDoS attacks is based on our ATLAS platform, which allows us to analyze an impressive 500 terabits per second (Tbps) of network traffic.

Click below to share this article