StormWall, a leader in DDoS protection, has published its Q3 2023 State of DDoS report, highlighting a 43% uptick in DDoS attacks compared to the same quarter last year.
In Q3 2023, the government sector took the brunt of the attacks, seeing a 136% spike compared to Q3 2022. It accounted for 26% of all incidents, as per the report. Entertainment industry attacks shot up by 117% year-over-year, while the transportation sector experienced an 86% increase. Finance and telecommunications weren’t spared either, with attacks rising by 38% and 32%, respectively. Stay vigilant in monitoring these sectors as high-priority targets.
StormWall’s global network, able to filter up to 3500 Gbit/s of peak traffic, provides a rich data set for assessing DDoS attack trends.
Increasing attack complexity
The key driver behind the uptick in attacks is their growing technical sophistication, including an increase in multi-vector attacks. DNS attacks, which surged at the start of Q3 2023, now make up over 3% of all DDoS incidents. These attacks zero in on DNS servers, disabling website access without directly affecting web servers.
StormWall’s report notes a decline in certain volumetric attacks, mainly due to community efforts to patch vulnerable amplifiers like NTP. These are replaced by application-level (L7) attacks, often using socks proxies on rented VPS for distribution. StormWall experts warn to keep an eye on this trend in the next quarter.
Expanding geographic range
The Russia-Ukraine conflict has fueled a rise in hacktivist attacks. We’re seeing a spike in attacks in the European Union by Russian state-sponsored groups, focusing primarily on government services. Critical sectors like airports, border control, and government agencies are in the crosshairs. This shift toward targeting critical infrastructure started earlier in 2023 and has escalated since the conflict began.
The expanding geographic scope of cyberattacks has led to increased incidents in the Middle East and Asia. Economic sanctions are driving Russian companies from EU and US markets to these regions, which draws two kinds of threat actors: politically motivated and profit-seekers. They either target Russian companies through hacktivism or capitalize on hitting new digital infrastructure for financial gain.
“Our latest data shows that the threat landscape is shifting, especially towards critical infrastructure. We’re also seeing a rise in DNS and multi-vector DDoS attacks, which are notoriously hard to spot and defend against. This makes for a dangerous combination, and puts critical services at risks” says Ramil Khantimirov, CEO of StormWall.
For those interested in more detailed insights, StormWall’s full Q3 2023 DDoS report is available for further review.