Business Wire

Adversaries Continue Cyberattack Onslaught with Greater Precision and Innovative Attack Methods according to 1H2022 NETSCOUT DDoS Threat Intelligence Report

Share

NETSCOUT SYSTEMS, INC. (NASDAQ: NTCT) today announced findings from its 1H2022 DDoS Threat Intelligence Report. The findings demonstrate how sophisticated cybercriminals have become at bypassing defenses with new DDoS attack vectors and successful methodologies.

"By constantly innovating and adapting, attackers are designing new, more effective DDoS attack vectors or doubling down on existing effective methodologies," said Richard Hummel, threat intelligence lead, NETSCOUT. "In the first half of 2022, attackers conducted more pre-attack reconnaissance, exercised a new attack vector called TP240 PhoneHome, created a tsunami of TCP flooding attacks, and rapidly expanded high-powered botnets to plague network-connected resources. In addition, bad actors have openly embraced online aggression with high-profile DDoS attack campaigns related to geopolitical unrest, which have had global implications."

Deployed in most of the world's ISPs, large data centers, and government and enterprise networks, NETSCOUT Arbor DDoS attack protection solutions send anonymized DDoS attack statistics to NETSCOUT's Active Level Threat Analysis System (ATLAS™). This data, which includes visibility into more than 190 countries, 550 industries, and 50,000 autonomous system numbers (ASNs), is then analyzed and curated by NETSCOUT's ATLAS Security Engineering and Response Team (ASERT) to provide unique insights in the report. No other vendor sees and knows more about DDoS attack activity and best practices in protection than NETSCOUT.

Key findings from the 1H2022 NETSCOUT DDoS Threat Intelligence Report include:

  • There were 6,019,888 global DDoS attacks in 1st half of 2022.
  • TCP-based flood attacks (SYN, ACK, RST) remain the most used attack vector, with approximately 46% of all attacks continuing a trend that started in early 2021.
  • DNS water-torture attacks accelerated into 2022 with a 46% increase primarily using UDP query floods, while carpet-bombing attacks experienced a big comeback toward the end of the second quarter; overall, DNS amplification attacks decreased by 31% from 2H2021 to 1H2022.
  • The new TP240 PhoneHome reflection/amplifications DDoS vector was discovered in early 2022 with a record-breaking amplification ratio of 4,293,967,296:1; swift actions eradicated the abusable nature of this service.
  • Malware botnet proliferation grew at an alarming rate, with 21,226 nodes tracked in the first quarter to 488,381 nodes in the second, resulting in more direct-path, application-layer attacks.

Geopolitical Unrest Spawns Increased DDoS Attacks
As Russian ground troops entered Ukraine in late February, there was a significant uptick in DDoS attacks targeting governmental departments, online media organizations, financial firms, hosting providers, and cryptocurrency-related firms, as previously documented. However, the ripple effect resulting from the war had a dramatic impact on DDoS attacks in other countries too, including:

  • Ireland experienced a surge in attacks after providing service to Ukrainian organizations.
  • India experienced a measurable increase in DDoS attacks following its abstention from the UN Security Council and General Assembly votes condemning Russia's actions in Ukraine.
  • On the same day, Taiwan endured its single-highest number of DDoS attacks after making public statements supporting Ukraine, as with Belize.
  • Finland experienced a 258% increase in DDoS attacks year-over-year, coinciding with its announcement to apply for NATO membership.
  • Poland, Romania, Lithuania, and Norway were targeted by DDoS attacks linked to Killnet; a group of online attackers aligned with Russia.
  • While the frequency and severity of DDoS attacks in North America remained relatively consistent, satellite telecommunications providers experienced an increase in high-impact DDoS attacks, especially after providing support for Ukraine's communications infrastructure.
  • Russia experienced a nearly 3X increase in daily DDoS attacks since the conflict with Ukraine began and continued through the end of the reporting period.

Similarly, as tensions between Taiwan, China, and Hong Kong escalated in 1H2022, DDoS attacks against Taiwan regularly occurred in concert with related public events.

NETSCOUT's DDoS Threat Intelligence Report covers the latest trends and activities in the DDoS threat landscape. It covers data captured from NETSCOUT's ATLAS and expert insights from ASERT.

The visibility and insights compiled from the global DDOS attack data, represented in the DDoS Threat Intelligence Report, and seen in the Omnis Threat Horizon portal, fuel the ATLAS Intelligence Feed (AIF). In addition, AIF continuously arms NETSCOUT's Omnis and Arbor security portfolio enabling them to automatically detect and block threat activity for enterprises and service providers worldwide.

Visit our interactive website for more information on NETSCOUT's semi-annual DDoS Threat Intelligence Report. You can also find us on Facebook, LinkedIn, and Twitter for threat updates and the latest trends and insights.

About NETSCOUT
NETSCOUT SYSTEMS, INC. (NASDAQ: NTCT) protects the connected world from cyberattacks and performance disruptions through advanced network detection and response and pervasive network visibility. Powered by our pioneering deep packet inspection at scale, we serve the world's largest enterprises, service providers, and public sector organizations. Learn more at www.netscout.com or follow @NETSCOUT on LinkedIn, Twitter, or Facebook.

©2022 NETSCOUT SYSTEMS, INC. All rights reserved. NETSCOUT, the NETSCOUT logo, Guardians of the Connected World, Adaptive Service Intelligence, Arbor, ATLAS, Cyber Threat Horizon, InfiniStream, nGenius, nGeniusONE, and Omnis are registered trademarks or trademarks of NETSCOUT SYSTEMS, INC., and/or its subsidiaries and/or affiliates in the USA and/or other countries. Third-party trademarks mentioned are the property of their respective owners.

To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.

Contact information

Editorial Contacts:

Maribel Lopez
Manager, Marketing & Corporate Communications
+1 781 362 4330
maribel.lopez@netscout.com

Chris Shattuck
Finn Partners for NETSCOUT
+1 678 504 6785
NETSCOUT-US@FinnPartners.com

About Business Wire

Business Wire
Business Wire
24 Martin Lane
EC4R 0DR London

+44 20 7626 1982http://www.businesswire.co.uk

(c) 2018 Business Wire, Inc., All rights reserved.

Business Wire, a Berkshire Hathaway company, is the global leader in multiplatform press release distribution.

Subscribe to releases from Business Wire

Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.

Latest releases from Business Wire

Esri Named a Leader in 2022 Climate Risk Analytics Report by Independent Research Firm2.12.2022 16:42:00 CET | Press release

Organizations are using modern geographic information system (GIS) technology to better understand the risks presented by climate change and take action. With GIS-driven mapping, analytics, and visualization, leaders can weigh the costs and benefits of plans, mitigate climate-related damage to assets, and make sustainable decisions despite an unpredictable planet. Esri—the global leader in GIS used by many Fortune 500 companies and governments worldwide to improve these sustainability practices—has been recognized by independent research firm Forrester in its report, The Forrester New Wave™: Climate Risk Analytics, Q4 2022. In the report, authored by principal analyst Renee Murphy, Esri received a differentiated rating, the highest score possible, in nine out of ten criteria, including “Advanced Data Processing,” “Visualization,” and “Threat Modeling.” The Forrester report says Esri “offers leading data visualization and advanced processing capabilities,” and that “Esri’s platform acts

Huawei Publishes First White Paper on Approaches to Fairness, Equity & Opportunity2.12.2022 04:07:00 CET | Press release

Huawei called on the ICT industry players to create a level playing field for all people, not just their own employees in its first White Paper on Approaches to Fairness, Equity & Opportunity at their Women in Tech event held at the Peter Drucker Forum. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20221201006045/en/ (Graphic: Business Wire) This White Paper is part of Huawei's ongoing campaign aimed at increasing digital skills education and access for women across the world. Huawei, like many other companies within the ICT industry, has advocated on fairness, opportunity, and equity within their own operations. Notably, the company has taken measurable steps to increase diversity in their workforce and increase internal representation of marginalized groups. It is widely understood that significant, tangible results from such programs are often slow to materialize. And thus Huawei has focused many of its efforts beyond the

H&M and Webhelp Finalize Acquisition of H&M’s Nuremberg Customer Service Center1.12.2022 16:29:00 CET | Press release

The responsible authorities have officially approved the transfer of fashion brand H&M’s Nuremberg customer service center to Webhelp, a leading global customer experience BPO player. The companies, having already signed an agreement in this regard on 19 October 2022, will see Webhelp operate the service center from 1 December onwards under its own name. With this acquisition, Webhelp doubles the number of its employees in Nuremburg and is now one of the largest employers in the industry in northern Bavaria. Today, Webhelp employs more than 110,000 employees in over 60 countries. Webhelp's German headquarters in Nuremberg already provides an attractive working environment with state-of-the-art technical equipment for over 500 employees. Furthermore, Webhelp is committed to investing in the development and wellbeing of its customer advisors, known as 'game-changers,' around the world. Webhelp will welcome the 500 employees of the H&M Service center from today, 1 December, to the Webhelp

Morgan Stanley Sustainable Signals: New Survey Shows Opportunities Exist for Asset Managers to Better Meet Asset Owner Sustainable Investing Needs1.12.2022 16:00:00 CET | Press release

Asset managers have the opportunity to meet asset owners’ growing demands for sustainable investment practices, products and reporting, according to new research by the Morgan Stanley Institute for Sustainable Investing. The latest in the Firm’s Sustainable Signals series, this institutional investor survey polled 110 asset owners in North America, Europe and Asia, as well as 201 asset managers across the same regions to understand what asset owners want and what asset managers are offering—and where the gaps lie in delivering environmental, social and governance (ESG) solutions. “The results of our latest Sustainable Signals survey show that sustainable investing remains an important focus area for institutional investors globally, with the vast majority reporting an increased interest over the past two years,” said Jessica Alsford, Chief Sustainability Officer and CEO of the Institute for Sustainable Investing at Morgan Stanley. “At the same time, our findings show a significant oppo

Successful Product Innovations and Portfolio Acquisition Drive Wella Company to Exceed Profit and Growth Expectations in Successful Second Year1.12.2022 15:12:00 CET | Press release

Wella Company, a global leader in the $100 billion hair and nail segment of the beauty industry, is marking a successful second year as a standalone company, delivering year-over-year double-digit profit and growth ahead of expectations. In Fiscal Year 22, which closed at the end of June, Wella Company beat all targets on financial performance across the globe. Since its founding in December 2020, Wella Company has delivered continuous double-digit profit and growth ahead of expectations and is one of the fastest-growing beauty companies in the sector. Wella Company’s portfolio includes iconic professional and retail hair, nail, and beauty tech brands Wella Professionals, O·P·I, ghd, Briogeo, Nioxin, Sebastian Professional, and Clairol. “Our first two years of business have shown the enduring potential of the Wella Company portfolio – we are re-establishing category excellence in both hair and nails, and both professionals and consumers are falling in love again with our beautiful bran