A new report today from cybersecurity company Netscout Systems Inc. reveals a staggering increase in application-layer and botnet-based direct-path attacks.
Netscout’s 5th Anniversary DDoS Threat Intelligence Report found that the number of attacks has jumped by 487% since 2019, with the most significant surge occurring in the second half of 2022. Much of the increase comes from the pro-Russian group Killnet and others that explicitly target websites.
The report’s highlights include peak distributed denial-of-service alert traffic reaching as high as 436 petabits and more than 75 trillion packets in a single day. Service providers are said to have rigorously scrubbed a large percentage of this traffic, while enterprises eliminated an additional daily aggregate average of 345 terabytes of unwanted traffic.
Direct-path attacks have increased by 18% over the past three years, while at the same time, traditional reflection/amplification attacks decreased by nearly the same rate, highlighting a need for a hybrid defense approach to weather the fluctuating attack methodology.
Killnet is regularly mentioned in the report, with the U.S. national security sector experiencing a 16,815% increase in attacks related to the pro-Russia group. Killnet’s most significant spike in attacks occurred after President Biden’s public remarks at the G7 Summit. Another spike occurred the same day the French and U.S. presidents reaffirmed their support for Ukraine.
Netscout’s ASERT analysts tracked over 1.35 million bots from malware families like Mirai, Meris and Dvinis in 2022, with enterprises receiving more than 350,000 security-related alerts with botnet involvement. By contrast, service providers received about 60,000 alerts where bots were present.
Carpet-bombing attacks, an attack method that simultaneously targets entire IP address ranges, increased by 110% from the first to the second half of 2022, with most attacks against internet service provider networks.
Notable attacks in the report include DDoS attacks on the optical instrument and lens manufacturing sector, resulting in a 14,137% increase, mainly against one major distributor with more than 6,000 attacks over four months.
DDoS attacks on the wireless telecommunications industry have grown 79% since 2020, primarily because of the increase in 5G wireless to the home. It accounts for 20% of all DDoS attacks for a specific industry, second only to wired telecommunications carriers.
“DDoS attacks threaten organizations worldwide and challenge their ability to deliver critical services,” said Richard Hummel, threat intelligence lead at Netscout. “With multi-terabit-per-second attacks now commonplace, and bad actors’ arsenals continuing to grow in sophistication and complexity, organizations need a strategy that can quickly adapt to the dynamic nature of the DDoS threat landscape.”