NETSCOUT released its 2H2024 DDoS Threat Intelligence Report, revealing how Distributed Denial of Service (DDoS) attacks have become a dominant means of waging cyberwarfare linked to sociopolitical events such as elections, civil protests and policy disputes. The findings show how attackers exploit moments of national vulnerability to amplify chaos and erode trust in institutions, as they target the critical infrastructure of governments, commercial entities and service providers.
Throughout the year, DDoS attacks were intricately tied to social and political events, including Israel experiencing a 2,844 percent surge linked to hostage rescues and political conflicts, Georgia enduring a 1,489 percent increase during the lead-up to the passage of the “Russia Bill,” Mexico having a 218 percent increase during national elections, and the United Kingdom experiencing a 152 percent increase on the day the Labour Party resumed session in Parliament.
“DDoS has emerged as the go-to tool for cyberwarfare,” stated Richard Hummel, director, threat intelligence, NETSCOUT. “NoName057(16) continues to be the leading actor for politically motivated DDoS campaigns targeting governments, infrastructure and organisations. In 2024, they repeatedly targeted government services in the United Kingdom, Belgium and Spain.”
AI and automation drive scale and impact
DDoS-for-hire services have become more powerful using AI for CAPTCHA bypassing, with about 9 in 10 platforms now offering this capability. Additionally, many employ automation to enable dynamic, multi-target campaigns and offer infrastructure exploitation techniques such as carpet bombing, geo-spoofing, and IPv6 to expand attack surfaces. Even the most novice operators can launch significant DDoS attack campaigns causing substantial harm.
Botnets playing a bigger role
Enterprise servers and routers have been exploited to intensify attacks and make remediation more challenging. Overall botnet populations declined by 5 percent but demonstrated strong resiliency despite concerted takedown efforts. Law enforcement takedown efforts, like Operation PowerOFF, continue to target DDoS-for-hire services but only momentarily disrupt attack platforms as new platforms take their place. The long-term impact is uncertain as attackers adapt and reconstitute their networks, with no significant decline in global attack volume.
DDoS attacks are adaptive and persistent
DDoS attacks are evolving and adapting faster than ever, creating a challenge for defenders and those entrusted with protecting critical infrastructure networks and service availability. Enterprises, government organisations, and service providers are all targets for DDoS attacks. Successful strategies must deploy proactive intelligence-driven methodologies and automation to mitigate modern-day DDoS attacks effectively. Staying ahead of new threats demands that organisations outmanoeuvre an adversary that can force multiply its strength, speed, intelligence, and persistence like nothing the world has ever seen.
Unparalleled attack visibility
NETSCOUT maps the DDoS landscape through passive, active and reactive vantage points, providing unparalleled visibility into global attack trends. NETSCOUT protects two-thirds of the routed IPv4 space, securing network edges that carried global peak traffic of over 700 Tbps in 2H2024. It monitors tens of thousands of daily DDoS attacks by tracking multiple botnets and DDoS-for-hire services that leverage millions of abused or compromised devices.
To read more news and exclusives, see our latest issue here.
Never miss a story… Follow us on:
LinkedIn: Security Buyer
Twitter (X): @SecurityBuyer
Facebook: @Secbuyer
Media Contact
Rebecca Morpeth Spayne,
Editor, Security Portfolio
Tel: +44 (0) 1622 823 922
Email: editor@securitybuyer.com
