#Infosec2024: Conflicts lead to an increase in DDoS attacks in EMEA

According to a new report from Akamai released at Infosecurity Europe 2024, DDoS attacks have increased sharply in Europe, the Middle East and Africa (EMEA), overtaking North America as the most attacked region in the first quarter of 2024.

EMEA is the only region in the world where DDoS attacks have steadily increased since 2019. The researchers noted that this is partly due to the ongoing war between Russia and Ukraine and, more recently, the conflict between Israel and Hamas.

In contrast, in North America, DDoS attack volume has declined significantly since 2023.

The total number of DDoS attacks in the EMEA region reached nearly 2,500 in 2023, more than three times the number of Asia Pacific and Japan (APJ) and Latin America (LATAM) combined.

Great Britain is the biggest target for DDoS attackers

The researchers found that the UK has been subjected to over a quarter (26%) of all DDoS attacks targeting the EMEA region since 2019.

The second most affected nation states are Saudi Arabia (22%) and Germany (9%).

The analysis also found that over half (53%) of all DDoS attacks in the financial services sector target targets in the EMEA region. North America is the second most attacked region in the financial services sector at 43%.

The most common type of DDoS attack used by threat actors targets the Domain Name System (DNS), likely due to the tremendous impact that flooding these systems can have on victims.

More than a third of DDoS attacks use multiple attack methods, sometimes up to 12, to increase the success rate. The most popular of these methods are DNS flood, UDP fragmentation and NTP reflection.

Akamai noted that the emergence of services such as DDoS boosters, available for as little as £8.50 ($10.83), is further lowering the barrier to entry for attackers.

Global conflicts contribute to the DDoS wave

The report also highlighted how the ongoing wars between Russia and Ukraine and between Israel and Hamas are contributing to the rise in DDoS attacks in EMEA.

Both conflicts have led to a wave of politically motivated hacktivists and state-sponsored actors on all sides conducting cyberattacks. DDoS is a particularly popular tactic due to its low cost and complexity.

In the run-up to the Kremlin’s invasion of the region in February 2022, pro-Russian actors have repeatedly taken Ukrainian government and critical infrastructure websites offline through DDoS attacks. These actors have also used this tactic to target Ukraine’s allies, such as the websites of the European Parliament and the British royal family.

Since the beginning of the war, pro-Ukrainian hacktivists have been frequently observed launching attacks on Russian government and institutional websites.

While cyberattacks appear to have played a much smaller role in the conflict between Israel and Hamas, various hacktivist groups have claimed to have launched DDoS attacks on Israeli targets in the wake of Hamas’s shock attack on Israel on October 7, 2023.

In February 2024, several leading British universities were crippled by DDoS attacks. The Sudan-based hacktivist group Anonymous claimed responsibility, citing the British government’s support for the Israeli military action in the Gaza Strip.

Richard Meeus, Director of Security Technology and Strategy EMEA at Akamai, expects the number of targeted DDoS attacks in the EMEA region to continue to increase in the coming months and that numerous spectacular events are imminent.

“With several high-profile events coming up in the region, such as the UK and EU elections and the summer of sport, cybercriminals will continue to apply pressure. It is critical that organisations protect their digital assets and shield their DNS infrastructure to avoid falling victim to attacks,” he commented.