Adversaries Continue Cyberattack Onslaught with Greater Precision and Innovative Attack Methods according to 1H2022 NETSCOUT DDoS Threat Intelligence Report
27.9.2022 13:05:00 EEST | Business Wire | Press release
NETSCOUT SYSTEMS, INC. (NASDAQ: NTCT) today announced findings from its 1H2022 DDoS Threat Intelligence Report. The findings demonstrate how sophisticated cybercriminals have become at bypassing defenses with new DDoS attack vectors and successful methodologies.
"By constantly innovating and adapting, attackers are designing new, more effective DDoS attack vectors or doubling down on existing effective methodologies," said Richard Hummel, threat intelligence lead, NETSCOUT. "In the first half of 2022, attackers conducted more pre-attack reconnaissance, exercised a new attack vector called TP240 PhoneHome, created a tsunami of TCP flooding attacks, and rapidly expanded high-powered botnets to plague network-connected resources. In addition, bad actors have openly embraced online aggression with high-profile DDoS attack campaigns related to geopolitical unrest, which have had global implications."
Deployed in most of the world's ISPs, large data centers, and government and enterprise networks, NETSCOUT Arbor DDoS attack protection solutions send anonymized DDoS attack statistics to NETSCOUT's Active Level Threat Analysis System (ATLAS™). This data, which includes visibility into more than 190 countries, 550 industries, and 50,000 autonomous system numbers (ASNs), is then analyzed and curated by NETSCOUT's ATLAS Security Engineering and Response Team (ASERT) to provide unique insights in the report. No other vendor sees and knows more about DDoS attack activity and best practices in protection than NETSCOUT.
Key findings from the 1H2022 NETSCOUT DDoS Threat Intelligence Report include:
- There were 6,019,888 global DDoS attacks in 1st half of 2022.
- TCP-based flood attacks (SYN, ACK, RST) remain the most used attack vector, with approximately 46% of all attacks continuing a trend that started in early 2021.
- DNS water-torture attacks accelerated into 2022 with a 46% increase primarily using UDP query floods, while carpet-bombing attacks experienced a big comeback toward the end of the second quarter; overall, DNS amplification attacks decreased by 31% from 2H2021 to 1H2022.
- The new TP240 PhoneHome reflection/amplifications DDoS vector was discovered in early 2022 with a record-breaking amplification ratio of 4,293,967,296:1; swift actions eradicated the abusable nature of this service.
- Malware botnet proliferation grew at an alarming rate, with 21,226 nodes tracked in the first quarter to 488,381 nodes in the second, resulting in more direct-path, application-layer attacks.
Geopolitical Unrest Spawns Increased DDoS Attacks
As Russian ground troops entered Ukraine in late February, there was a significant uptick in DDoS attacks targeting governmental departments, online media organizations, financial firms, hosting providers, and cryptocurrency-related firms, as previously documented. However, the ripple effect resulting from the war had a dramatic impact on DDoS attacks in other countries too, including:
- Ireland experienced a surge in attacks after providing service to Ukrainian organizations.
- India experienced a measurable increase in DDoS attacks following its abstention from the UN Security Council and General Assembly votes condemning Russia's actions in Ukraine.
- On the same day, Taiwan endured its single-highest number of DDoS attacks after making public statements supporting Ukraine, as with Belize.
- Finland experienced a 258% increase in DDoS attacks year-over-year, coinciding with its announcement to apply for NATO membership.
- Poland, Romania, Lithuania, and Norway were targeted by DDoS attacks linked to Killnet; a group of online attackers aligned with Russia.
- While the frequency and severity of DDoS attacks in North America remained relatively consistent, satellite telecommunications providers experienced an increase in high-impact DDoS attacks, especially after providing support for Ukraine's communications infrastructure.
- Russia experienced a nearly 3X increase in daily DDoS attacks since the conflict with Ukraine began and continued through the end of the reporting period.
Similarly, as tensions between Taiwan, China, and Hong Kong escalated in 1H2022, DDoS attacks against Taiwan regularly occurred in concert with related public events.
NETSCOUT's DDoS Threat Intelligence Report covers the latest trends and activities in the DDoS threat landscape. It covers data captured from NETSCOUT's ATLAS and expert insights from ASERT.
The visibility and insights compiled from the global DDOS attack data, represented in the DDoS Threat Intelligence Report, and seen in the Omnis Threat Horizon portal, fuel the ATLAS Intelligence Feed (AIF). In addition, AIF continuously arms NETSCOUT's Omnis and Arbor security portfolio enabling them to automatically detect and block threat activity for enterprises and service providers worldwide.
Visit our interactive website for more information on NETSCOUT's semi-annual DDoS Threat Intelligence Report. You can also find us on Facebook, LinkedIn , and Twitter for threat updates and the latest trends and insights.
About NETSCOUT
NETSCOUT SYSTEMS, INC. (NASDAQ: NTCT) protects the connected world from cyberattacks and performance disruptions through advanced network detection and response and pervasive network visibility. Powered by our pioneering deep packet inspection at scale, we serve the world's largest enterprises, service providers, and public sector organizations. Learn more at www.netscout.com or follow @NETSCOUT on LinkedIn, Twitter, or Facebook.
©2022 NETSCOUT SYSTEMS, INC. All rights reserved. NETSCOUT, the NETSCOUT logo, Guardians of the Connected World, Adaptive Service Intelligence, Arbor, ATLAS, Cyber Threat Horizon, InfiniStream, nGenius, nGeniusONE, and Omnis are registered trademarks or trademarks of NETSCOUT SYSTEMS, INC., and/or its subsidiaries and/or affiliates in the USA and/or other countries. Third-party trademarks mentioned are the property of their respective owners.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20220927005076/en/
Contact information
Editorial Contacts:
Maribel Lopez
Manager, Marketing & Corporate Communications
+1 781 362 4330
maribel.lopez@netscout.com
Chris Shattuck
Finn Partners for NETSCOUT
+1 678 504 6785
NETSCOUT-US@FinnPartners.com
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
FIFA World Cup™ Fans Embrace Referee View as Lenovo AI Brings Viewers Closer to the Pitch9.7.2026 07:00:00 EEST | Press release
New international research from Lenovo reveals that technological advancements are fundamentally changing how fans experience the FIFA World Cup 2026™, making viewers feel closer to the action than ever before. According to a survey of football fans across Australia, Canada, India, U.K., U.S., 87% say technology is improving their viewing experience, and 84% report the close-to-action camera perspectives help them feel like they're right there on the pitch. Accelerating this unprecedented view of the game is Referee View, powered by Lenovo AI that gives viewers a first-person look at the match from the referee’s point of view. The research further found: Over three-quarters (76%) of FIFA World Cup™ viewers have seen or heard about Referee View, and 91% say the close-to-action perspective is appealing. 88% say that smooth, stable footage is an important part of viewing sports footage, and nearly all fans (98%) say clear picture quality has been important when watching this FIFA World Cu
Empire State Building Observation Deck Launches Exclusive Soccer Jersey Ticket Offer for Sports Fans in July9.7.2026 01:37:00 EEST | Press release
The Empire State Building Observation Deck (ESBOD) today announced a new, exclusive ticket offer for soccer fans who don their favorite team’s duds at the “World’s Most Famous Building” in anticipation of the tournament final. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260708711923/en/ Empire State Building Observation Deck Launches Exclusive Soccer Jersey Ticket Offer for Sports Fans in July Guests who plan to wear their soccer jersey to the Empire State Building Observation Deck can purchase tickets online for 15 percent off to enjoy the immersive museum experience and New York City’s best views from the 86th and 102nd Floor Observation Decks. The limited-time offer is available only to guests who wear their soccer jersey on the day of their visit from now through July 31. “Whether they rep their favorite country’s jersey or the shirt from their hometown heroes, guests can celebrate their teams with prime views of the
New Esri Press Book Shows That GIS Can Transform the Entire Campus, Starting at the Classroom9.7.2026 00:33:00 EEST | Press release
Esri has released The Spatial Edge: The Strategic Advantage of GIS Skills Across Higher Education, a practical and accessible guide that demonstrates how geographic information system (GIS) technology can unify campuses academically and operationally. While GIS is often associated with disciplines such as geography, planning, and environmental studies, The Spatial Edge expands that view through real-world case examples. The book shows how spatial thinking can connect departments; strengthen decision-making; and help institutions address complex challenges across teaching, research, and campus operations. Designed for administrators, educators, and campus leaders, the guide highlights GIS being used across higher education to: Enhance teaching and student engagement Advance interdisciplinary research Improve campus planning and operations Strengthen community partnerships Prepare graduates with in-demand geospatial skills From the classroom to facilities management, The Spatial Edge ill
Jefferies Financial Group Inc. Announces Pricing of €850,000,000 4.500% Senior Notes Due 20338.7.2026 23:16:00 EEST | Press release
Jefferies Financial Group Inc. (NYSE: JEF) (“JFG”, “we” or “our”) today announced the pricing of its public offering of €850,000,000 aggregate principal amount of 4.500% Senior Notes due 2033 (the “Notes”) with an effective yield of 4.544%, maturing, July 15, 2033. The offering is expected to settle on July 15, 2026, subject to the satisfaction of customary closing conditions. Application is expected to be made for the Notes to be admitted to the Official List of the Irish Stock Exchange plc, trading as Euronext Dublin, and admitted to trading on the Global Exchange Market of Euronext Dublin; any listing is subject to approval by Euronext Dublin. JFG intends to use the net proceeds of the offering for general corporate purposes. Jefferies International Limited served as sole global co-ordinator and joint active book-runner for the offering of the Notes, Banco Santander, S.A., Citigroup Global Markets Limited, Natixis, SMBC Bank International plc and Société Générale served as joint act
KiddeFenwal Launches New Website and Information Hub8.7.2026 19:00:00 EEST | Press release
KiddeFenwal, the global leader in the fire suppression and safety controls industry, today unveiled a revitalized website, designed to serve as a comprehensive information hub for fire industry practitioners and customers alike. The modernized platform includes features created specifically with the company’s global partners, OEMs and distributors in mind, including: Accelerated asset navigation, pointing users to critical safety documentation, design parameters and product specifications; Seamless solution mapping, helping users quickly locate fire suppression configurations by industry, from data centers to BESS applications to commercial kitchens; and Enhanced resource access, including streamlined pathways to connect with the company’s elite distributor network across 120 countries. It also provides information about the company’s three brands, Kidde Fire Systems, Kidde Fire Protection and Fenwal Controls, replacing other sites serving customers in Europe and India. The launch of t
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom
