The year of DDoS: 2023 has seen a significant attack surge

3 Oct 2023

Image: © Sel_Sanders/Stock.adobe.com

A report by Netscout claims there were 7.9m distributed denial-of-service (DDoS) attacks in the first half of the year, with the rise linked to geopolitical issues.

With so many different types of cyberattacks, it can be difficult to know which is the most prevalent or dangerous.

Ransomware remains a dangerous threat for organisations, where cyberattackers focus on stealing funds by hacking their vital data. Phishing remains a cheap and surprisingly effective way for cyberattacks to thrive, with some experts calling employee logins the “weakest link” in security systems.

But while these attacks tend to take the spotlight, a recent report from Netscout suggests distributed denial-of-service (DDoS) attacks are ramping up in scale significantly. This report claims cybercriminals launched roughly 7.9m of these attacks in the first half of 2023 – around 44,000 attacks every day.

The report claims this is a 31pc increase compared to the same period last year and links the rise in attacks to global issues, such as Russia’s invasion of Ukraine. Netscout claims “ideologically motivated DDoS attacks” have targeted multiple countries, including the US, Ukraine, Finland, Sweden and Russia.

A DDoS attack is an attempt to make an online service unavailable by overwhelming it with high volumes of data from multiple sources. Typically, multiple compromised computer systems are used as sources of attack traffic.

These attacks were recently linked to high-profile attacks on government organisations. Earlier this week, there were reports that the official website of the UK’s royal family was taken offline by a DDoS attack. Last month, Canada claimed that a pro-Russian cybercrime group was launching DDoS attacks against the country’s organisations.

“But it’s not just politics,” the report said. “A wave of DDoS attacks hammered wireless telecommunications, no doubt a result of 5G wireless connectivity expanding at a staggering rate and subscribers opting to use 5G as their primary internet connection.”

More aggressive attacks

There is evidence that DDoS attacks have evolved in effectiveness and efficiency over the years. Last year, Cloudflare said it mitigated a massive DDoS attack that consisted of roughly 5,000 compromised machines – collectively known as a botnet. This botnet was able to generate more than 212m requests from more than 1,500 networks in less than 30 seconds.

There is an aggressive form of DDoS attack known as ‘carpet-bombing’, which is when massive botnet networks are used to orchestrate simultaneous attacks on multiple targets. Netscout said these attacks can cause significant harm by spreading to hundreds or thousands of hosts at the same time.

The report suggests the number of carpet-bombing attacks have grown by 55pc since the beginning of the year, which Netscout said is a “conservative” estimate. Richard Hummel, Netscout senior threat intelligence lead, said the lifecycle of DDoS attack vectors reveals “the persistence of adversaries to find and weaponise new methods of attack”.

“While world events and 5G network expansion have driven an increase in DDoS attacks, adversaries continue to evolve their approach to be more dynamic by taking advantage of bespoke infrastructure such as bulletproof hosts or proxy networks to launch attacks,” Hummel said.

Another form of DDoS attack is called a Domain Name System (DNS) water-torture attack, which is when attackers send an avalanche of requests to DNS servers, in order to cause denial-of-service.

Netscout said these types of DDoS attacks rose from an average of 144 daily attacks at the start of 2023 to 611 at the end of June, which is roughly an increase of 353pc.

“Given the diversity of attacked industries, it appears that both ideologically motivated threat actors and DDoS extortionists intent on monetary gain attack DNS servers to cause disruption to the online properties and activities of organisations in their crosshairs,” the report said.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Leigh Mc Gowran is a journalist with Silicon Republic

editorial@siliconrepublic.com