By Emad Fahmy, Systems Engineering Manager Middle East at NETSCOUT
The world witnessed record-breaking levels of Distributed denial-of-service (DDoS) attacks at the height of the pandemic. However, since COVID-19 restrictions lifted in the second half of 2021, the overall number of (DDoS) attacks decreased. Despite this, business executives and security professionals should note that total volume of attacks remained above pre-pandemic highs, indicating a year-on-year increase in attacks. Although DDoS activity declined in the second half of the year, results from NETSCOUT’s recently released DDoS Threat Intelligence Report indicates that attackers are exploring new and improved methods to succeed with their criminal activities as countries recover from the pandemic. During the period of July to December 2021, cybercriminals launched more than 4.4 million DDoS attacks worldwide, an average of one DDoS attack every three seconds. These attacks have severely impacted several industries, ranging from education and telecommunications to manufacturing and insurance.
The decline in DDoS attacks
The dramatic increase in attack numbers during the peak of the pandemic mirrored the increased reliance on digital services, given the sudden, widespread switch to remote working and learning during the pandemic – combined with the propensity of threat actors to capitalize on periods of economic uncertainty and hardship.
DDoS activity subsided in the second half of 2021, confirming NETSCOUT’s previous predictions. Prior to the development of the Omicron virus, countries began to emerge from lockdown restrictions, and people returned to in-person education, work, and social gatherings. In turn, DDoS activity dropped by 3% between July AND December 2021, compared to the first half of the year. Regionally, the frequency of DDoS attacks dropped by 12% in Saudi Arabia, showing an improvement in the country’s cybersecurity ranking.
Increasing accessibility of DDoS tools
According to the DDoS Threat Intelligence Report, DDoS-for-hire services are increasingly more accessible to the public. Researchers at NETSCOUT discovered numerous websites that no longer charge a nominal fee and have little to no vetting procedures. As a result, anyone with access to the internet can conduct DDoS assaults against various targets without requiring a bitcoin account or even paying for the service that causes such havoc.
NETSCOUT also observed an increase in DDoS attacks targeting colleges, universities, and professional institutions – some of which employed DDoS-for-hire services – to illustrate how these services could be utilized more extensively. Academic institutions saw a 102% increase in DDoS assaults during the autumn months of 2021. NETSCOUT believes that these attacks were carried out by students to avoid commuting to campuses or postponing their assignment deadlines and tests. These attacks have the potential to cause significant harm to communications service providers and their consumers, as well as a domino effect on other firms in the connectivity supply chain.
DDoS extortion is on the rise
The findings show that the use of 5G networks, which provide the speed and capacity required for higher-profile operations, has resulted in substantial changes in the way DDoS attackers operate. While several other telecommunications sub-sectors experienced fewer attacks in the second half of 2021, wireless telecommunications experienced a 38 percent increase. Attackers used WiFi hotspot gaming vulnerabilities as attack vectors, most likely as a result of the unanticipated widespread deployment of 5G technology.
Furthermore, cybercriminals aim to capitalize rapidly from the rise in DDoS extortion attacks. Attackers are highly motivated to expand the use of extortion measures such as data compromise, ransomware deployment, and DDoS operations.
With the widespread use of these assault techniques, triple extortion campaigns are predicted to become more complex and devastating. As a result, an attack’s damages will create significant interruptions in day-to-day operations and financial losses when organizations pay large quantities of extortion money to keep attackers at bay.
Defence against DDoS attacks – the future
DDoS activity continues to set new records year after year. The changes in assault targets and approaches suggest that attackers are not slowing down, but rather expanding their arsenal of methods. Businesses must invest in a solid and effective DDoS protection system and test it frequently to account for changes in methodology if they are to successfully defend their online infrastructure against these attacks.
Businesses could also consider collaborating with an on-demand DDoS assault specialist. Businesses may navigate unexpected situations and terrain by utilizing their experience, which should have a direct positive impact on their operations. If they follow best current practice protocols and act upon these recommendations, they will be in an excellent position to successfully defend their online sites should they become the target of a DDoS attack.