Adversaries Continue Cyberattack Onslaught with Greater Precision and Innovative Attack Methods according to 1H2022 NETSCOUT DDoS Threat Intelligence Report
27.9.2022 13:05:00 EEST | Business Wire | Press release
NETSCOUT SYSTEMS, INC. (NASDAQ: NTCT) today announced findings from its 1H2022 DDoS Threat Intelligence Report. The findings demonstrate how sophisticated cybercriminals have become at bypassing defenses with new DDoS attack vectors and successful methodologies.
"By constantly innovating and adapting, attackers are designing new, more effective DDoS attack vectors or doubling down on existing effective methodologies," said Richard Hummel, threat intelligence lead, NETSCOUT. "In the first half of 2022, attackers conducted more pre-attack reconnaissance, exercised a new attack vector called TP240 PhoneHome, created a tsunami of TCP flooding attacks, and rapidly expanded high-powered botnets to plague network-connected resources. In addition, bad actors have openly embraced online aggression with high-profile DDoS attack campaigns related to geopolitical unrest, which have had global implications."
Deployed in most of the world's ISPs, large data centers, and government and enterprise networks, NETSCOUT Arbor DDoS attack protection solutions send anonymized DDoS attack statistics to NETSCOUT's Active Level Threat Analysis System (ATLAS™). This data, which includes visibility into more than 190 countries, 550 industries, and 50,000 autonomous system numbers (ASNs), is then analyzed and curated by NETSCOUT's ATLAS Security Engineering and Response Team (ASERT) to provide unique insights in the report. No other vendor sees and knows more about DDoS attack activity and best practices in protection than NETSCOUT.
Key findings from the 1H2022 NETSCOUT DDoS Threat Intelligence Report include:
- There were 6,019,888 global DDoS attacks in 1st half of 2022.
- TCP-based flood attacks (SYN, ACK, RST) remain the most used attack vector, with approximately 46% of all attacks continuing a trend that started in early 2021.
- DNS water-torture attacks accelerated into 2022 with a 46% increase primarily using UDP query floods, while carpet-bombing attacks experienced a big comeback toward the end of the second quarter; overall, DNS amplification attacks decreased by 31% from 2H2021 to 1H2022.
- The new TP240 PhoneHome reflection/amplifications DDoS vector was discovered in early 2022 with a record-breaking amplification ratio of 4,293,967,296:1; swift actions eradicated the abusable nature of this service.
- Malware botnet proliferation grew at an alarming rate, with 21,226 nodes tracked in the first quarter to 488,381 nodes in the second, resulting in more direct-path, application-layer attacks.
Geopolitical Unrest Spawns Increased DDoS Attacks
As Russian ground troops entered Ukraine in late February, there was a significant uptick in DDoS attacks targeting governmental departments, online media organizations, financial firms, hosting providers, and cryptocurrency-related firms, as previously documented. However, the ripple effect resulting from the war had a dramatic impact on DDoS attacks in other countries too, including:
- Ireland experienced a surge in attacks after providing service to Ukrainian organizations.
- India experienced a measurable increase in DDoS attacks following its abstention from the UN Security Council and General Assembly votes condemning Russia's actions in Ukraine.
- On the same day, Taiwan endured its single-highest number of DDoS attacks after making public statements supporting Ukraine, as with Belize.
- Finland experienced a 258% increase in DDoS attacks year-over-year, coinciding with its announcement to apply for NATO membership.
- Poland, Romania, Lithuania, and Norway were targeted by DDoS attacks linked to Killnet; a group of online attackers aligned with Russia.
- While the frequency and severity of DDoS attacks in North America remained relatively consistent, satellite telecommunications providers experienced an increase in high-impact DDoS attacks, especially after providing support for Ukraine's communications infrastructure.
- Russia experienced a nearly 3X increase in daily DDoS attacks since the conflict with Ukraine began and continued through the end of the reporting period.
Similarly, as tensions between Taiwan, China, and Hong Kong escalated in 1H2022, DDoS attacks against Taiwan regularly occurred in concert with related public events.
NETSCOUT's DDoS Threat Intelligence Report covers the latest trends and activities in the DDoS threat landscape. It covers data captured from NETSCOUT's ATLAS and expert insights from ASERT.
The visibility and insights compiled from the global DDOS attack data, represented in the DDoS Threat Intelligence Report, and seen in the Omnis Threat Horizon portal, fuel the ATLAS Intelligence Feed (AIF). In addition, AIF continuously arms NETSCOUT's Omnis and Arbor security portfolio enabling them to automatically detect and block threat activity for enterprises and service providers worldwide.
Visit our interactive website for more information on NETSCOUT's semi-annual DDoS Threat Intelligence Report. You can also find us on Facebook, LinkedIn , and Twitter for threat updates and the latest trends and insights.
About NETSCOUT
NETSCOUT SYSTEMS, INC. (NASDAQ: NTCT) protects the connected world from cyberattacks and performance disruptions through advanced network detection and response and pervasive network visibility. Powered by our pioneering deep packet inspection at scale, we serve the world's largest enterprises, service providers, and public sector organizations. Learn more at www.netscout.com or follow @NETSCOUT on LinkedIn, Twitter, or Facebook.
©2022 NETSCOUT SYSTEMS, INC. All rights reserved. NETSCOUT, the NETSCOUT logo, Guardians of the Connected World, Adaptive Service Intelligence, Arbor, ATLAS, Cyber Threat Horizon, InfiniStream, nGenius, nGeniusONE, and Omnis are registered trademarks or trademarks of NETSCOUT SYSTEMS, INC., and/or its subsidiaries and/or affiliates in the USA and/or other countries. Third-party trademarks mentioned are the property of their respective owners.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20220927005076/en/
Contact information
Editorial Contacts:
Maribel Lopez
Manager, Marketing & Corporate Communications
+1 781 362 4330
maribel.lopez@netscout.com
Chris Shattuck
Finn Partners for NETSCOUT
+1 678 504 6785
NETSCOUT-US@FinnPartners.com
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Bending Spoons S.p.A. announces pricing of initial public offering1.7.2026 02:56:00 EEST | Press release
Bending Spoons S.p.A. (“Bending Spoons”), a leading technology company, today announces the pricing of its initial public offering (“IPO”) at $29.00 per share. A total of 57,971,015 ordinary shares are being offered, of which 34,398,640 shares are being offered by Bending Spoons and 23,572,375 shares are being offered by certain selling shareholders (the “Selling Shareholders”). Bending Spoons will not receive any proceeds from any sale of shares by the Selling Shareholders. The shares are expected to begin trading on the Nasdaq Global Select Market under the ticker symbol “BSP” on July 1, 2026. The offering is expected to close on July 2, 2026, subject to customary closing conditions. In addition, Bending Spoons and the Selling Shareholders granted the underwriters an option to purchase up to an additional 5,244,026 ordinary shares from Bending Spoons and up to an additional 3,451,626 ordinary shares from the Selling Shareholders at the initial public offering price, less underwriting
FDA Issues Modified Risk Tobacco Product Orders for 20 ZYN Nicotine Pouch Products30.6.2026 19:19:00 EEST | Press release
Philip Morris International Inc. (PMI) (NYSE: PM) today announced that the U.S. Food and Drug Administration (FDA) issued Modified Risk Tobacco Product (MRTP) orders for 20 variants of ZYN nicotine pouch products. These are the first MRTP orders granted for nicotine pouches, allowing PMI U.S. to market the following claim for the authorized ZYN products: “Using ZYN instead of cigarettes puts you at a lower risk of mouth cancer, heart disease, lung cancer, stroke, emphysema, and chronic bronchitis.” “FDA’s decision is an important moment for the more than 45 million legal-age nicotine consumers in America,” saidStacey Kennedy, PMI U.S. CEO. “Today’s news ensures these adultshave access to accurate, science-based information, including FDA-authorized evidence that switching from cigarettes to ZYN reduces the risk of smoking-related diseases like heart disease and lung cancer,” she added. “More broadly, it reinforces the agency’s science-based approach to evaluating products across the co
Caidya Announces Strategic Combination with Simbec-Orion Bridging Early Scientific Insight and Global Clinical Execution30.6.2026 18:00:00 EEST | Press release
Caidya today announced a strategic combination with Simbec-Orion designed to close the divide between early scientific insight and global clinical execution. The combination of Caidya and Simbec-Orion creates a differentiated specialty clinical CRO platform that enables programs to scale, maintaining focus, speed, and accountability. The strategic combination brings together complementary strengths to create a more complete development partner for innovative biopharma companies. With established operations across Europe, the Americas, APAC, and China, the combined organization provides meaningful expertise and execution capabilities in the regions that matter most. Simbec-Orion brings early-phase clinical pharmacology capabilities alongside deep therapeutic expertise for later stage complex oncology and rare disease trials, helping sponsors shape critical decisions early in the development lifecycle. Together, the organizations strengthen their ability to support complex, cross-border
Archer® Proves Purpose-Built AI Beats General-Purpose LLMs on Regulatory Change Management: 95% Verified Accuracy, 80x Faster, 92% Lower Cost30.6.2026 17:13:00 EEST | Press release
For enterprises deploying AI in compliance, a wrong date is a missed deadline. The more dangerous failure is a wrong answer the model returns with high confidence, one that flows silently into a compliance calendar and is only discovered after the window has passed. Archer® today released results showing purpose-built AI beats a general-purpose large language model (LLM) on regulatory work, and it’s not close. This head-to-head test compared Archer’s purpose-built, vertical-specific AI and proprietary data sets against a leading general-purpose LLM, on a core compliance task: determining the publication, effective and comment-close dates of regulatory documents across six jurisdictions. General-purpose models are a genuine breakthrough, and this is no referendum on their quality. The question Archer set out to answer is narrower and more practical: what it takes to make a specific, high-stakes determination reliable, fast and affordable at scale. A vertical, domain-focused process, gro
Altasciences Supports Key Development Milestone for Steel Therapeutics’ Lead Therapeutic Candidate, Fizurex™30.6.2026 17:08:00 EEST | Press release
Altasciences, a leading drug development organization, today announced a significant milestone in the development of Steel Therapeutics, Inc.’s pivotal toxicology study for its lead product candidate, Fizurex™, for the treatment of anal fissures. The successful completion of the study plays a significant role in the advancement of Fizurex™ toward first-in-human trials. The GLP-compliant study demonstrated a favorable safety profile, which has advanced Steel Therapeutics' plans to submit an Investigational New Drug (IND) application for Fizurex™ to the FDA in Q3 2026. Fizurex™, a patent-pending, single-use topical wipe, was designed to provide a standardized, accessible treatment option for a painful and often undertreated medical condition. The product builds on years of use through compounding pharmacy prescriptions and is now advancing toward clinical development and regulatory review. "We are proud to have supported Steel Therapeutics with the generation of the high-quality safety d
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom
