An increase in ‘DNS Water Torture’ attacks contributed to more than 7 million DDoS attacks in the second half of 2023, fueled by a rise in global activity from hacktivist groups.

https://seenthis.kr/newspage/2351⁠⁠⁠⁠⁠⁠⁠

NETSCOUT SYSTEMS, INC. (NASDAQ: NTCT) today released its Q2 2023 DDoS Threat Intelligence Report, which analyzes the trends and attack methodologies being used by hackers against service providers, enterprises, and end users. The information cited in the report is collected on a global scale from NETSCOUT’s unparalleled internet visibility to gather, analyze, prioritize, and disseminate data on DDoS attacks across 214 countries and territories, 456 industry segments, and more than 13,000 Autonomous System Numbers (ASNs). Driven by a surge in hacktivist groups with technical sophistication and political motivations, as well as DNS Water Torture attacks, NETSCOUT observed more than 7 million DDoS attacks in the second half of 2023, a 15% increase from the first half of the year.

Hacktivism Up 10x

DDoS (Distributed Denial-of-Service) hacktivism exemplified a shift in the global security landscape last year, transcending geographic boundaries. Groups like NoName057(016) and Anonymous Sudan, along with individual hackers and small groups, are increasingly using DDoS attacks to target individuals ideologically opposed to them, including:

· Peru experienced a 30% increase in attacks related to protests against the release of former Peruvian President Fujimori on December 6.
· Poland experienced a surge in attacks at the end of 2023 related to the change of power and statements reaffirming Poland’s support for Ukraine in the Russia-Ukraine conflict.
· Anonymous Sudan targeted X (formerly Twitter) to influence Elon Musk in relation to Starlink services within Sudan, and attacked Telegram to disrupt its main channel.

NoName057(016), Anonymous Sudan, and Killnet have been named as being behind DDoS attacks targeting communication infrastructure, hospitals, and banks in Ukraine, Russia, Israel, and Palestine. Daily attacks from hacktivists increased more than 10 times between the first and second half of 2023. NoName057(016) was ranked #1 on the list of DDoS attackers in 2023, targeting 780 websites in 35 countries.

Water Torture Attacks on the Rise

DNS (Domain Name System) Water Torture attacks, which target critical systems at the heart of the internet’s control plane, have been on the rise since late 2019. Designed to overwhelm authoritative DNS servers, DNS query floods have experienced a staggering 553% increase from the first half of 2020 through the second half of 2023. Rather than targeting a single website or server, attackers target entire systems, causing much greater damage.

Gaming and Gambling Targeted

NETSCOUT’s research identifies gaming and gambling related to gaming as prime targets for DDoS attacks. Threat actors are attracted to this sector’s significant financial value, and the goal of disrupting competitors, particularly during online esports tournaments. Historically, 80-90% of all DDoS attacks have been associated with gaming and gambling. NETSCOUT assessed attacks against companies in this sector, concluding that more than 100,000 DDoS attacks targeted the gaming industry in 2023, and more than 2,500 targeted companies associated with gambling.

Furthermore, NETSCOUT’s observations of the DDoS threat landscape indicate that about 1% of DDoS attacks are mitigated at the origin network.

“Over the last year, global attackers have become more sophisticated, targeting websites and overloading servers to disrupt customers, create digital chaos, and influence geopolitical issues,” said Richard Hummel, Senior Threat Intelligence Lead at NETSCOUT. “The relentless barrage of DDoS threats is increasing costs and creating security fatigue for network operators. Without proper advanced DDoS defense that utilizes predictive, real-time threat intelligence, network operators cannot protect their digital assets.”

With decades of experience working alongside some of the world’s largest service providers and enterprises, NETSCOUT gains extensive visibility into the global internet to identify the pulse of the digital world. Its ability to monitor and respond to DDoS attacks is supported by NETSCOUT’s ATLAS platform, which can analyze an impressive 500 terabits per second (Tbps) of network traffic.

For more information on NETSCOUT’s DDoS Threat Intelligence Report, visit NETSCOUT’s interactive website. To see real-time DDoS attack statistics, maps, and insights, visit NETSCOUT Cyber Threat Horizon.

About NETSCOUT

NETSCOUT SYSTEMS, INC. (NASDAQ: NTCT) protects the connected world from cyberattacks and performance and availability disruptions through its unique visibility platform and solutions based on pioneering large-scale deep packet inspection technology. NETSCOUT serves the world’s largest enterprises, service providers, and public sector organizations. Learn more at www.netscout.com or follow @NETSCOUT on LinkedIn, X, or Facebook.