Adversaries Continue Cyberattack Onslaught with Greater Precision and Innovative Attack Methods according to 1H2022 NETSCOUT DDoS Threat Intelligence Report
27.9.2022 13:05:00 EEST | Business Wire | Press release
NETSCOUT SYSTEMS, INC. (NASDAQ: NTCT) today announced findings from its 1H2022 DDoS Threat Intelligence Report. The findings demonstrate how sophisticated cybercriminals have become at bypassing defenses with new DDoS attack vectors and successful methodologies.
"By constantly innovating and adapting, attackers are designing new, more effective DDoS attack vectors or doubling down on existing effective methodologies," said Richard Hummel, threat intelligence lead, NETSCOUT. "In the first half of 2022, attackers conducted more pre-attack reconnaissance, exercised a new attack vector called TP240 PhoneHome, created a tsunami of TCP flooding attacks, and rapidly expanded high-powered botnets to plague network-connected resources. In addition, bad actors have openly embraced online aggression with high-profile DDoS attack campaigns related to geopolitical unrest, which have had global implications."
Deployed in most of the world's ISPs, large data centers, and government and enterprise networks, NETSCOUT Arbor DDoS attack protection solutions send anonymized DDoS attack statistics to NETSCOUT's Active Level Threat Analysis System (ATLAS™). This data, which includes visibility into more than 190 countries, 550 industries, and 50,000 autonomous system numbers (ASNs), is then analyzed and curated by NETSCOUT's ATLAS Security Engineering and Response Team (ASERT) to provide unique insights in the report. No other vendor sees and knows more about DDoS attack activity and best practices in protection than NETSCOUT.
Key findings from the 1H2022 NETSCOUT DDoS Threat Intelligence Report include:
- There were 6,019,888 global DDoS attacks in 1st half of 2022.
- TCP-based flood attacks (SYN, ACK, RST) remain the most used attack vector, with approximately 46% of all attacks continuing a trend that started in early 2021.
- DNS water-torture attacks accelerated into 2022 with a 46% increase primarily using UDP query floods, while carpet-bombing attacks experienced a big comeback toward the end of the second quarter; overall, DNS amplification attacks decreased by 31% from 2H2021 to 1H2022.
- The new TP240 PhoneHome reflection/amplifications DDoS vector was discovered in early 2022 with a record-breaking amplification ratio of 4,293,967,296:1; swift actions eradicated the abusable nature of this service.
- Malware botnet proliferation grew at an alarming rate, with 21,226 nodes tracked in the first quarter to 488,381 nodes in the second, resulting in more direct-path, application-layer attacks.
Geopolitical Unrest Spawns Increased DDoS Attacks
As Russian ground troops entered Ukraine in late February, there was a significant uptick in DDoS attacks targeting governmental departments, online media organizations, financial firms, hosting providers, and cryptocurrency-related firms, as previously documented. However, the ripple effect resulting from the war had a dramatic impact on DDoS attacks in other countries too, including:
- Ireland experienced a surge in attacks after providing service to Ukrainian organizations.
- India experienced a measurable increase in DDoS attacks following its abstention from the UN Security Council and General Assembly votes condemning Russia's actions in Ukraine.
- On the same day, Taiwan endured its single-highest number of DDoS attacks after making public statements supporting Ukraine, as with Belize.
- Finland experienced a 258% increase in DDoS attacks year-over-year, coinciding with its announcement to apply for NATO membership.
- Poland, Romania, Lithuania, and Norway were targeted by DDoS attacks linked to Killnet; a group of online attackers aligned with Russia.
- While the frequency and severity of DDoS attacks in North America remained relatively consistent, satellite telecommunications providers experienced an increase in high-impact DDoS attacks, especially after providing support for Ukraine's communications infrastructure.
- Russia experienced a nearly 3X increase in daily DDoS attacks since the conflict with Ukraine began and continued through the end of the reporting period.
Similarly, as tensions between Taiwan, China, and Hong Kong escalated in 1H2022, DDoS attacks against Taiwan regularly occurred in concert with related public events.
NETSCOUT's DDoS Threat Intelligence Report covers the latest trends and activities in the DDoS threat landscape. It covers data captured from NETSCOUT's ATLAS and expert insights from ASERT.
The visibility and insights compiled from the global DDOS attack data, represented in the DDoS Threat Intelligence Report, and seen in the Omnis Threat Horizon portal, fuel the ATLAS Intelligence Feed (AIF). In addition, AIF continuously arms NETSCOUT's Omnis and Arbor security portfolio enabling them to automatically detect and block threat activity for enterprises and service providers worldwide.
Visit our interactive website for more information on NETSCOUT's semi-annual DDoS Threat Intelligence Report. You can also find us on Facebook, LinkedIn , and Twitter for threat updates and the latest trends and insights.
About NETSCOUT
NETSCOUT SYSTEMS, INC. (NASDAQ: NTCT) protects the connected world from cyberattacks and performance disruptions through advanced network detection and response and pervasive network visibility. Powered by our pioneering deep packet inspection at scale, we serve the world's largest enterprises, service providers, and public sector organizations. Learn more at www.netscout.com or follow @NETSCOUT on LinkedIn, Twitter, or Facebook.
©2022 NETSCOUT SYSTEMS, INC. All rights reserved. NETSCOUT, the NETSCOUT logo, Guardians of the Connected World, Adaptive Service Intelligence, Arbor, ATLAS, Cyber Threat Horizon, InfiniStream, nGenius, nGeniusONE, and Omnis are registered trademarks or trademarks of NETSCOUT SYSTEMS, INC., and/or its subsidiaries and/or affiliates in the USA and/or other countries. Third-party trademarks mentioned are the property of their respective owners.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20220927005076/en/
Contact information
Editorial Contacts:
Maribel Lopez
Manager, Marketing & Corporate Communications
+1 781 362 4330
maribel.lopez@netscout.com
Chris Shattuck
Finn Partners for NETSCOUT
+1 678 504 6785
NETSCOUT-US@FinnPartners.com
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Tax Systems Rebrands as Alphatax16.7.2026 11:00:00 EEST | Press release
Tax Systems, a global tax and accounting software provider, today announced it is rebranding as Alphatax, aligning the company with its flagship corporation tax compliance solution and marking the next stage in its evolution as an AI-first technology business. The rebrand reflects the company's ambition to redefine how tax professionals work through connected, AI-powered technology. As Alphatax, the business is bringing together compliance, data, governance and intelligence into a single platform, creating the foundations for the world’s first tax operating system: a connected environment where tax data, decisions, approvals, filings and evidence can come together. The new identity builds on the strong reputation of Alphatax, a market-leading corporation tax software trusted by tax professionals across the world. Bringing the company’s expanding portfolio together under one master brand will provide customers with a more connected experience across corporate tax, Pillar Two, transfer p
SWISSto12 Closes US$70 Million Series C to Meet Growing Multi-Orbit Demand16.7.2026 10:00:00 EEST | Press release
SWISSto12, a leading enabler of the new space economy, today announced the close of its $70 million (€61 million) Series C. This news follows the award of $84.8 million (€73 million) from European Space Agency (ESA) Member States to the HummingSat ARTES partnership project, through which ESA supports SWISSto12 in the development and in-orbit validation of HummingSat. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260716342732/en/ SWISSto12 will scale its manufacturing and integration capacity to meet accelerating demand from commercial and sovereign government customers. The Series C fundraise follows a period of sustained commercial growth for the company, with revenues of $140 million (€121 million) for 2025 and total contract values now exceeding $500 million (€432 million), driving positive EBITDA in 2026. To date, SWISSto12 has secured seven contracts for its HummingSat geostationary (GEO) small satellite with leading g
AMINA Becomes the First Regulated Bank to Integrate Leading Crypto Payments Network, Mesh16.7.2026 09:30:00 EEST | Press release
AMINA Bank AG (“AMINA”), a Swiss Financial Market Supervisory Authority (FINMA)-regulated crypto bank with global reach, today becomes the first regulated bank to integrate Mesh, the leading crypto payments network. The integration embeds Mesh’s verified deposit technology directly into AMINA’s online banking platform. This allows clients to verify wallet ownership, and deposit stablecoins and digital assets in a single, streamlined flow across more than 300 wallet providers. No more copying wallet addresses by hand, switching between external tools, or completing the multi-step verification the process historically required. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260715917516/en/ AMINA is the first regulated bank on Mesh. Myles Harrison, Chief Product Officer at AMINA, said: “Despite the incredible progress the industry has made in institutional adoption, crypto remains difficult to move safely and efficiently betwe
Garvan Institute of Medical Research Joins Parse Biosciences’ Certified Service Provider Network15.7.2026 23:00:00 EEST | Press release
Parse Biosciences, a QIAGEN company, and the leader in scalable and accessible single cell sequencing, today announced that the Genomics Platform Core Facility within the Garvan Institute of Medical Research has joined its Certified Service Provider (CSP) Program. The partnership broadens access to high-quality, scalable single cell sequencing across Australia, the wider Asia-Pacific region, and beyond. Garvan is one of Australia's preeminent medical research institutions, with the Genomics Platform having deep experience in cell sorting, capture, and sequencing. As a Certified Service Provider, Garvan will offer Parse's Evercode WT kits to researchers across the region. "We see a growing number of requests for Parse projects and find the technology easy to implement and run, generating great data," said Chris O'Keeffe, Cellular Genomics Lead at the Garvan Institute. "Garvan is one of the most respected biomedical research institutions in the world, and we're honored to welcome them to
Grafana Labs Named a Leader in 2026 Gartner® Magic Quadrant™ for Observability Platforms and Positioned Furthest in Completeness of Vision15.7.2026 21:21:00 EEST | Press release
Grafana Labs, the company behind the open observability cloud, today announced it has been named a Leader in the Gartner® Magic Quadrant™ for Observability Platforms for the third consecutive year, and positioned furthest on the Completeness of Vision axis for the second year running. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260715814984/en/ 2026 Gartner® Magic Quadrant™ for Observability Platforms We believe this placement reflects where the market is headed: toward open, composable observability that helps teams in the AI era understand systems that are increasingly complex and agentic, and rapidly scaling thanks to AI-assisted engineering. A Platform Built for the AI Era According to Grafana Labs’ 2026 Observability Survey, operational complexity and overhead are now the top observability challenge, even as adoption of managed observability continues to climb, with half of organizations now using managed observabili
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom
