As the world is transforming digitally, the exponential growth of the internet has brought with it an unforeseen surge in cyber threats. According to a recent report from cybersecurity firm Netscout Systems Inc., organizations worldwide find themselves navigating a complex network security landscape. The report underscores a direct correlation between growing internet traffic and the increasing number of Distributed Denial of Service (DDoS) attacks.
In the first half of 2023 alone, cybercriminals launched a staggering 7.9 million DDoS attacks, representing a significant 31% year-over-year increase.
“While world events and 5G network expansion have driven an increase in DDoS attacks, adversaries continue to evolve their approach to be more dynamic by taking advantage of bespoke infrastructure such as bulletproof hosts or proxy networks to launch attacks,” said Richard Hummel, senior threat intelligence lead, NETSCOUT. “The lifecycle of DDoS attack vectors reveals the persistence of adversaries to find and weaponize new methods of attack, while DNS water torture and carpet-bombing attacks have become more prevalent.”
According to the report, carpet-bombing attacks have surged by 55%, totaling more than 724 daily assaults. These attacks are especially insidious due to their broad network footprint. Wired and wireless telecommunications and cloud hosting providers bear the brunt of these assaults as they spread across their networks.
In the second half of 2022, there was a rise of 79% in the attacks targeting wireless providers. This trend persisted into 2023, with an alarming 294% surge among APAC wireless providers. This increase is linked to many broadband gamers switching to 5G fixed wireless access, which makes these providers more susceptible to attacks as they expand their networks.
The internet’s growth has hit a bump due to an increase in DDoS attacks. These attacks have surged, with a 500% rise in HTTP/S application layer attacks and a 17% increase in DNS reflection/amplification attacks in the first half of 2023.
Another concerning type of attack is DNS water torture, where attackers overload DNS servers, causing a service outage. These attacks have been on the rise, spiking sharply in June 2023. Since the start of the year, they’ve gone up by almost 353% in daily occurrences. As per the report, the top five industries targeted are wired telecom, wireless telecom, data processing hosting, electronic shopping and mail-order companies, and insurance agencies and brokerages.
Ever since the ground operations began in the Russia/Ukraine conflict, there have been consistent DDoS attacks with ideological motives. These attacks targeted countries like the United States, Ukraine, Finland, Sweden, and Russia.
The surge in DDoS attacks poses a formidable challenge to the growing internet landscape. Therefore, it has become important to focus on visibility as a pivotal defensive measure against these mounting threats. With early detection and swift intervention, defenders can curtail the resources at the disposal of assailants, compelling them towards limited and less effective methods. This approach of imposing a deliberate scarcity of resources and constraining attackers to one-dimensional methodologies significantly narrows their avenues for successful exploitation. Vigilance and proactive defense measures will remain paramount for organizations and cybersecurity leaders in safeguarding the integrity and stability of the digital landscape.
Featured image credits: Image by Freepik