Dramatic Increase in DDoS Attacks and Rising Hacktivist Activity

NETSCOUT SYSTEMS, INC. Unveils Alarming Trends in DDoS Attacks in 1H2024

In a world increasingly reliant on digital infrastructure, the threat of Distributed Denial of Service (DDoS) attacks looms larger than ever. NETSCOUT SYSTEMS, INC. has recently released its findings from the 1H2024 DDoS Threat Intelligence Report, revealing a staggering 43% increase in application-layer attacks and a 30% rise in volumetric attacks, particularly in Europe and the Middle East. These statistics underscore a troubling trend in cyber threats that organizations must address urgently.

Escalating Threat Landscape

The report highlights a concerning escalation in the frequency and sophistication of DDoS attacks. A significant 70% of these attacks lasted less than 15 minutes, indicating a shift towards quick, disruptive strikes rather than prolonged assaults. The rise in attacks is attributed to a diverse range of threat actors, including hacktivists who are increasingly targeting critical infrastructure within the banking, financial services, government, and utilities sectors. These attacks are not merely acts of vandalism; they pose serious risks by disrupting essential civilian services in nations that oppose the ideologies of these hacktivist groups.

Moreover, key industries that have historically faced frequent and intense multi-vector attacks have seen a 55% increase in such incidents over the past four years. This trend highlights the urgent need for organizations to bolster their cybersecurity measures and prepare for a new era of cyber threats.

Attack Sophistication Strains Networks Worldwide

DDoS attacks are evolving, employing innovative technologies and strategies to disrupt networks. The 1H2024 report from NETSCOUT identifies several significant trends that are reshaping the DDoS landscape:

  1. Pro-Russia Hacktivist Activity: The hacktivist group NoName057(16) has intensified its focus on application-layer attacks, particularly HTTP/S GET and POST floods. This shift has contributed to the 43% rise in application-layer attacks compared to the previous year.

  2. Botnet Proliferation: The emergence of the Zergeca botnet has led to a 50% increase in bot-infected devices. Additionally, the DDoSia botnet, utilized by NoName057(16), has evolved to incorporate advanced technologies such as DNS over HTTPS (DoH) for command-and-control (C2) operations. This evolution allows attackers to execute more sophisticated and harder-to-detect attacks.

  3. Decentralized Attack Coordination: The use of distributed botnet C2 infrastructure has become more prevalent, allowing bots to function as control nodes. This decentralization enhances the resilience and coordination of DDoS attacks, making them more challenging to mitigate.

These trends have resulted in widespread disruptions across various industries, leading to service slowdowns or outages that can cripple revenue streams, delay critical operations, and significantly elevate organizational risks.

Attackers Targeting New Networks

Another alarming finding from the NETSCOUT report is the role of newly established networks and autonomous system numbers (ASNs) in the surge of DDoS activity. Over 75% of newly created networks are involved in DDoS activities—either as targets or as unwitting participants in attacks against others—within just the first 42 days of going online. This trend is particularly concerning as adversaries exploit resilient nuisance networks and bulletproof hosting providers to launch their attacks.

Organizations must recognize the importance of planning for DDoS protection when establishing a new ASN. It is a common misconception that automatic protections will be provided by upstream service providers. In reality, proactive measures are essential to safeguard against potential threats.

Conclusion

The findings from NETSCOUT SYSTEMS, INC.’s 1H2024 DDoS Threat Intelligence Report paint a stark picture of the evolving cyber threat landscape. With significant increases in both application-layer and volumetric attacks, organizations must remain vigilant and proactive in their cybersecurity strategies. The rise of sophisticated attack methods, coupled with the targeting of new networks, underscores the urgent need for comprehensive DDoS protection measures. As the digital world continues to expand, so too does the necessity for robust defenses against the ever-evolving threat of DDoS attacks.
