free counter

Ukraine war drives DDoS attack volumes ever higher

cherezoff –

There’s been a boom in distributed denial-of-service attacks in the initial half a year of 2022, in accordance with a written report, with Russias war on Ukraine assisting to drive activity

Alex Scroxton


Published: 18 Aug 2022 10: 46

The amount of observed distributed denial-of-service (DDoS) attacks nearly trebled through the first half a year of 2022, with tit-for-tat hits by threat actors aligned with Russia and Ukraine driving a lot of the activity, in accordance with new proprietary data from Radware, which includes just published its 2022 H1 Global threat analysis report.

In the report, Radware said Russias attack on Ukraine had had a substantial effect on cyber crime and hacktivist or cyber vigilante activity, disrupting wider cyber efforts driven by national governments and introducing extreme unpredictability.

Radware said it saw both established and newly formed Russian and Ukrainian groups looking to disrupt and create chaos by stealing and leaking information, defacing websites, and conducting denial-of-service attacks.

The threat landscape saw a marked shift in the initial 1 / 2 of 2022, said Pascal Geenens, director of threat intelligence at Radware.

As Russia invaded Ukraine, the cyber focus changed. It shifted from the results of the pandemic, including a rise in attack surfaces driven by home based and the rise of underground crime syndicates, to a groundswell of DDoS activity launched by patriotic hacktivists and new legions of threat actors.

But these attacks weren’t only from the war in Ukraine. Hacktivist groups were also active in targeting the build-up to the May 2022 Philippines presidential election, with opposition politicians, media websites including that of news network CNN and fact-checking resources also targeted by supporters of the then-president Rodrigo Duterte.

Meanwhile, the politically motivated group referred to as DragonForce Malaysia was active in conducting substantial attacks on targets associated with Israel in mid-April, because the countrys then prime minister Naftali Bennett, struggled to carry his government together. Then, in June, exactly the same collective launched some attacks against Indian targets in reaction to controversial statements concerning the prophet Muhammad created by a Hindu politician.

No organisation on the planet is safe from cyber retaliation at the moment, said Geenens. Online vigilantes and hacktivists could disrupt wider security efforts driven by nations and authorities. New legions of actors could introduce extreme unpredictability for intelligence services, developing a prospect of spillover and wrongful attribution which could eventually result in an escalation of the cyber conflict.

All told, Radware said it mitigated 60% more attacks between January and June than it did in the entirety of 2021, with the amount of blocked events per customer doubling every quarter. The common cumulative level of blocked events per customer hit 3.39TB of network traffic up 47% weighed against the first half a year of 2021.

However, the common DDoS attack size per individual incident dropped noticeably through the observed period, from 139Mbps in the fourth quarter of 2021 to 73Mbps in the initial quarter of 2022, and 64.5Mbps in the next although there have been still some very high-volume incidents. One carpet-bombing attack mitigated by Radware represented a complete level of 2.9PB and lasted 36 hours, peaking at 1.5Tbps with a sustained attack rate of over 700GBps for over eight hours. This might have been among the largest ever DDoS incidents.

A related and growing trend through the first half a year of the entire year is a growth in ransom denial-of-service (RDoS) attacks, which combine extortion demands some from groups claiming to be established ransomware gangs with denial-of-service attacks if the victim will not pay. One 2022 campaign by way of a group claiming to be REvil saw ransom notes and demands embedded within the attack payload.

Radwares full report can be acquired for download here. Aside from the firms latest data on DDoS attacks, in addition, it reports on other styles of web application attack and unsolicited network activity.

Read more on Hackers and cybercrime prevention

Read More

Related Articles

Leave a Reply

Your email address will not be published.

Back to top button

Adblock Detected

Please consider supporting us by disabling your ad blocker