Adversaries Continue Cyberattack Onslaught with Greater Precision and Innovative Attack Methods according to 1H2022 NETSCOUT DDoS Threat Intelligence Report
NETSCOUT SYSTEMS, INC. (NASDAQ: NTCT) today announced findings from its 1H2022 DDoS Threat Intelligence Report. The findings demonstrate how sophisticated cybercriminals have become at bypassing defenses with new DDoS attack vectors and successful methodologies.
"By constantly innovating and adapting, attackers are designing new, more effective DDoS attack vectors or doubling down on existing effective methodologies," said Richard Hummel, threat intelligence lead, NETSCOUT. "In the first half of 2022, attackers conducted more pre-attack reconnaissance, exercised a new attack vector called TP240 PhoneHome, created a tsunami of TCP flooding attacks, and rapidly expanded high-powered botnets to plague network-connected resources. In addition, bad actors have openly embraced online aggression with high-profile DDoS attack campaigns related to geopolitical unrest, which have had global implications."
Deployed in most of the world's ISPs, large data centers, and government and enterprise networks, NETSCOUT Arbor DDoS attack protection solutions send anonymized DDoS attack statistics to NETSCOUT's Active Level Threat Analysis System (ATLAS™). This data, which includes visibility into more than 190 countries, 550 industries, and 50,000 autonomous system numbers (ASNs), is then analyzed and curated by NETSCOUT's ATLAS Security Engineering and Response Team (ASERT) to provide unique insights in the report. No other vendor sees and knows more about DDoS attack activity and best practices in protection than NETSCOUT.
Key findings from the 1H2022 NETSCOUT DDoS Threat Intelligence Report include:
- There were 6,019,888 global DDoS attacks in 1st half of 2022.
- TCP-based flood attacks (SYN, ACK, RST) remain the most used attack vector, with approximately 46% of all attacks continuing a trend that started in early 2021.
- DNS water-torture attacks accelerated into 2022 with a 46% increase primarily using UDP query floods, while carpet-bombing attacks experienced a big comeback toward the end of the second quarter; overall, DNS amplification attacks decreased by 31% from 2H2021 to 1H2022.
- The new TP240 PhoneHome reflection/amplifications DDoS vector was discovered in early 2022 with a record-breaking amplification ratio of 4,293,967,296:1; swift actions eradicated the abusable nature of this service.
- Malware botnet proliferation grew at an alarming rate, with 21,226 nodes tracked in the first quarter to 488,381 nodes in the second, resulting in more direct-path, application-layer attacks.
Geopolitical Unrest Spawns Increased DDoS Attacks
As Russian ground troops entered Ukraine in late February, there was a significant uptick in DDoS attacks targeting governmental departments, online media organizations, financial firms, hosting providers, and cryptocurrency-related firms, as previously documented. However, the ripple effect resulting from the war had a dramatic impact on DDoS attacks in other countries too, including:
- Ireland experienced a surge in attacks after providing service to Ukrainian organizations.
- India experienced a measurable increase in DDoS attacks following its abstention from the UN Security Council and General Assembly votes condemning Russia's actions in Ukraine.
- On the same day, Taiwan endured its single-highest number of DDoS attacks after making public statements supporting Ukraine, as with Belize.
- Finland experienced a 258% increase in DDoS attacks year-over-year, coinciding with its announcement to apply for NATO membership.
- Poland, Romania, Lithuania, and Norway were targeted by DDoS attacks linked to Killnet; a group of online attackers aligned with Russia.
- While the frequency and severity of DDoS attacks in North America remained relatively consistent, satellite telecommunications providers experienced an increase in high-impact DDoS attacks, especially after providing support for Ukraine's communications infrastructure.
- Russia experienced a nearly 3X increase in daily DDoS attacks since the conflict with Ukraine began and continued through the end of the reporting period.
Similarly, as tensions between Taiwan, China, and Hong Kong escalated in 1H2022, DDoS attacks against Taiwan regularly occurred in concert with related public events.
NETSCOUT's DDoS Threat Intelligence Report covers the latest trends and activities in the DDoS threat landscape. It covers data captured from NETSCOUT's ATLAS and expert insights from ASERT.
The visibility and insights compiled from the global DDOS attack data, represented in the DDoS Threat Intelligence Report, and seen in the Omnis Threat Horizon portal, fuel the ATLAS Intelligence Feed (AIF). In addition, AIF continuously arms NETSCOUT's Omnis and Arbor security portfolio enabling them to automatically detect and block threat activity for enterprises and service providers worldwide.
Visit our interactive website for more information on NETSCOUT's semi-annual DDoS Threat Intelligence Report. You can also find us on Facebook, LinkedIn , and Twitter for threat updates and the latest trends and insights.
NETSCOUT SYSTEMS, INC. (NASDAQ: NTCT) protects the connected world from cyberattacks and performance disruptions through advanced network detection and response and pervasive network visibility. Powered by our pioneering deep packet inspection at scale, we serve the world's largest enterprises, service providers, and public sector organizations. Learn more at www.netscout.com or follow @NETSCOUT on LinkedIn, Twitter, or Facebook.
©2022 NETSCOUT SYSTEMS, INC. All rights reserved. NETSCOUT, the NETSCOUT logo, Guardians of the Connected World, Adaptive Service Intelligence, Arbor, ATLAS, Cyber Threat Horizon, InfiniStream, nGenius, nGeniusONE, and Omnis are registered trademarks or trademarks of NETSCOUT SYSTEMS, INC., and/or its subsidiaries and/or affiliates in the USA and/or other countries. Third-party trademarks mentioned are the property of their respective owners.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
Manager, Marketing & Corporate Communications
+1 781 362 4330
Finn Partners for NETSCOUT
+1 678 504 6785
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
IFF to Webcast 2022 Investor Day Presentations on December 729.11.2022 00:15:00 EET | Press release
IFF (NYSE:IFF) today announced that it will webcast its 2022 Investor Day presentation on Wednesday, Dec. 7, 2022, beginning at 1:00 p.m. ET. Investors may access the live webcast and accompanying slide presentation on the Company's website at ir.iff.com. For those unable to listen to the live webcast, a recorded version will be made available for replay. Welcome to IFF At IFF (NYSE: IFF), an industry leader in food, beverage, health, biosciences and scent, science and creativity meet to create essential solutions for a better world – from global icons to unexpected innovations and experiences. With the beauty of art and the precision of science, we are an international collective of thinkers who partners with customers to bring scents, tastes, experiences, ingredients and solutions for products the world craves. Together, we will do more good for people and planet. Learn more at iff.com, Twitter, Facebook, Instagram, and LinkedIn. View source version on businesswire.com: https://www.b
Megaport Adds Cloud and Networking Sales Veteran Jeff Tworek to the Executive Team as Chief Revenue Officer29.11.2022 00:00:00 EET | Press release
Megaport (ASX: MP1), a leading global Network as a Service (NaaS) provider, announced today the addition of Jeff Tworek to the executive team as Chief Revenue Officer. Tworek will be responsible for overall revenue generation and will manage all aspects of Megaport’s global sales organisation. Mr Tworek brings more than 30 years of cloud and networking industry experience operating commercial business units within billion-dollar companies, including nearly 20 years at Akamai Technologies, to Megaport. Prior to joining the Company, Mr Tworek held the CRO position at Contrast Security, where he helped the company scale its teams, bring in key leadership, and prepare the company for growth. He brings a wealth of high growth and expansion-related expertise from his time spent at both start-ups and large, established organizations. “We are delighted to welcome Jeff to the team,” said Vincent English, Chief Executive Officer, Megaport. “Jeff’s experience with leading and transforming global
AGCO Agriculture Foundation Donates to UK's Biggest Charity Fighting Hunger and Tackling Food Waste28.11.2022 22:52:00 EET | Press release
The AGCO Agriculture Foundation (AAF), a private foundation with the vision to prevent and relieve hunger through sustainable agricultural development, today announced a USD 300,000 grant to FareShare to ensure surplus food reaches vulnerable communities in the United Kingdom while tackling food waste. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20221128005695/en/ AAF grant to FareShare to secure 475 tonnes of surplus food. (Photo: Business Wire) The two-year partnership is expected to help FareShare secure 475 tonnes of surplus food and redistribute more than one million meals. The project will assist in growing the award-winning Surplus with Purpose Fund, which covers the cost for farmers to harvest and divert food that would have otherwise been wasted. The Intergovernmental Panel on Climate Change estimates that food waste contributes between 8 and 10 percent of global greenhouse gas emissions, so tackling food waste is
Quantfury Introduces Fractional Trading Mode for Stocks, ETFs and Commodities28.11.2022 21:00:00 EET | Press release
Quantfury Trading Limited (“Quantfury”), a global brokerage firm that delivers commission-free trading and investing at real-time spot prices of global and crypto exchanges, today announced the launch of fractional trading mode with more than 1500+ stocks, ETFs and commodity futures contracts available to trade on the Quantfury platform. Quantfurians can now buy and sell fractional shares of all stocks, ETFs and commodity futures contracts at their real-time US and European exchanges spot prices with zero commissions and borrowing fees, providing improved trading and investment experience. “Quantfury is advancing its unmatched trading and investing conditions further by making it even more affordable to Quantfurians out there,” said Daniel Muvdi, Quantfury’s Head of Markets. “Fractional trading mode opens up more trading opportunities to the Quantfury global audience of more than 400,000 Quantfurians.” Fractional trading mode is available on all Quantfury trading platforms immediately,
The 4th World Science and Technology Development Forum Held in Chengdu28.11.2022 19:06:00 EET | Press release
The 4th World Science and Technology Development Forum with the theme “Openness, Trust and Cooperation” kicked off in Chengdu on November 27, 2022, which was attended by more than 300 top experts and scholars, representatives of international organizations, and entrepreneurs, from more than 20 countries and regions, including 7 Nobel laureates and more than 60 academicians home and abroad. Together, they discussed technological innovation and sustainable development in key fields such as basic science, climate change, digital economy, and green innovation, and proposed technological innovation solutions to address the challenges of today. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20221128005539/en/ The 4th World Science and Technology Development Forum Held in Chengdu (Photo: Business Wire) The world today is facing many challenges, such as the COVID-19 pandemic, energy security, food security, climate change, poverty, an
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.Visit our pressroom