Throughout history, wars and regional disputes have been what fueled the increase in powerful DDoS attacks. According to a new report from NETSCOUT, this rise has continued.
The DDoS attacks on the company increased in HALF of the countries observed for the first half of 2022. The most significant increase coincided with an escalation in Russia’s cyber war and started right after Ukraine cut Russian media off from their broadcast. NetScout has monitored six million incidents in the past year, with 57% more bandwidth than last year. The figures are calculated following monitoring of 50,000 autonomous systems in 550 different industries across 190 countries.
The six million attacks seen this year is similar to that of the second half of last year, but most were extensions of Russia’s invasion in Ukraine or China’s aggression toward Taiwan and Hong Kong.
Russia and Ukraine have been bombarding each other with DDoS attacks since the invasion began in February, but several other countries have been targeted in recent months.
NETSCOUT tracked an increase in DDoS attacks in Ireland, India, Taiwan, Belize, Romania, Italy, Lithuania, Norway, Poland and Latvia. A lot of them have been targets for their stance on the conflict in Ukraine. They’ve had pro-Ukrainian hackers specifically attack them for it.
Following Finland’s interest in having NATO membership, it has experienced a 258% year-over-year increase in Distributed Denial of Service (DDoS) attacks.
NETSCOUT found that more countries are becoming prone to being attacked by DDoS, especially those that support Ukraine or fail to condemn Russia.
Richard Hummel, Senior Manager of Threat Intelligence at Netscout, told The Record that in the past most DDoS attacks deployed by nation-state criminals were primarily diversionary tactics designed to draw attention.
Right now, the military is using it for a variety of other purposes. These include disruption, deprecating morale, communications interruption and more. The same is largely true today.
“Regarding these DDoS attacks on networks, the primary reason gold is used is that it’s a valuable and interchangeable commodity. However,”
“This is noteworthy as you don’t need to pay for anything to launch these attacks. There was a study done in the UK that showed children of 9 years old or younger knew how to do them and had also launched attacks before. I’m not entirely clear why this is worrisome, but it shows that it’s never too early to learn how to protect oneself from hacks.”
Hummel noted that these cyberattacks are becoming more common because they’re cheap, easy to use, and the repercussions can be limited.
DDoS attacks are anonymous by nature and it is now much easier to carry them out. There are many free tools that make cybercriminals’ job even easier.
He noted that while DDoS attacks may appear to simply knock a website offline for a few hours, they can often cause significant financial damage.
One of the examples Hummel included in their report is an incident with the New Zealand Stock Exchange that resulted in millions of dollars worth of losses.
One VoIP provider we spoke to has had to deal with a lot of issues- not simply how they’re performing but with copycats who try and take advantage of their brand. One service they discussed was how the VoIP market is currently dominated by counterfeit companies, as well as an issue with customer loyalty which can affect their brand if it becomes too high.
According to NETSCOUT, all DDoS attacks that appear to be connected with the Ukraine/Russia conflict seem to use well-known attack vectors from other hacks before.
“Most of the attacks we researched can be attributed to standard DDoS-for-hire services, botnets like Meris & Dvinis, and manually driven tools like LOIC & Killnet Vera.”
Attacks which break records
DDoS attacks are also spiking during the presidential election in Colombia. This also happened during Rio Carnival this year. Following the recent abortion debate in the US and turmoil within the country’s government and religious institutions, many were hit with DDoS attacks.
Multiple security companies have reported an evolution in the size and scope of what they call “DDoS Attacks.”
A content delivery company recently said that it faced a record-breaking DDoS attack, according to recent reports. Their spokesperson explained that this customer had previously faced DDoS attacks, but the attack all of a sudden became much more intense and prolonged.
“This organisation is at the top of their game in terms of security, but it’s unfortunate they’ve been attacked. It was a complex attack, 1800 IP’s and 6 global data centers were targeted at the height of the attack.” he said, explaining the type of attacks they usually track are mostly focused on network equipment and infrastructure.
Google mentioned that they stopped the single largest DDoS attack ever recorded last month. It was 76% larger than the previously recorded largest known DDoS attack.
To put it in perspective, the attack was comparable to receiving all of the daily requests to Wikipedia (one of the top 10 websites in the world) within just ten seconds.
Researchers at NetScout say- “we find demonstrations of this in countries with poorly managed and overloaded infrastructures.” Some radical groups might only have the means to conduct a DDoS attack which, while not very sophisticated in and of itself, can affect many people at the same time if it is powered by a large botnet.
But there is no reason to launch an attack – adversaries will do so for any number of reasons under the guise of activism, religious beliefs, nihilism & military conquest.