Hacktivist activity drives a rise in DDoS attacks
The first half of this year has seen a 43 percent increase in the number of application-layer attacks and a 30 percent increase in volumetric attacks, especially in Europe and the Middle East, according to the latest threat report from NETSCOUT.
The attacks involve a range of threat actors, including hacktivists, targeting critical infrastructure in the banking and financial services, government and utilities sectors.
These attacks pose significant threats by disrupting vital civilian services in countries that oppose the hacktivists' ideologies. Key industries, already facing frequent and intense multi-vector attacks, experienced a 55 percent increase over the past four years.
"Hacktivist activities continue to plague global organizations with more sophisticated and coordinated DDoS attacks against multiple targets simultaneously," says Richard Hummel, director, threat intelligence at NETSCOUT. "As adversaries use more resilient, take-down-resistant networks, detection and mitigation are more challenging. This report gives network operations teams insights to fine-tune their strategies to stay ahead of these evolving threats."
DDoS attacks have continued to evolve, using innovative technologies and approaches to disrupt networks. For example NoName057(16), a pro-Russia hacktivist group, has increased its focus on application-layer attacks, particularly HTTP/S GET and POST floods, leading to a 43 percent rise compared to the first half of 2023.
Bot-infected devices increased by 50 percent with the emergence of the Zergeca botnet and there's been a rise in distributed botnet C2 infrastructure leveraging bots as control nodes enabling more decentralized and resilient DDoS attack coordination.
The report also finds that over 75 percent of newly established networks are involved with DDoS activities, both as targets or abused participants in launching attacks on others, within the first 42 days of coming online. Organizations need to plan for DDoS protection when splitting off a portion of a network to a new system rather than assume automatic protections from upstream service providers.
The full report is available from the NETSCOUT site.
Image credit: stevanovicigor/depositphotos.com