DDoS attacks more than doubled last year, hitting software and telecoms industries hardest

0
48
DDoS attacks more than doubled last year, hitting software and telecoms industries hardest
DDoS attacks more than doubled last year, hitting software and telecoms industries hardest

A new F5 Labs report finds that DDoS attacks rose 112% from 2022 to 2023.

Dubai, UAE, July 31, 2024: New research from F5 Labs has found that DDoS (distributed denial of service) attacks came back with a vengeance last year after several years of decline. F5 Labs’ 2024 DDoS Attack Trends report recorded 2,127 attacks in 2023, which is a 112% rise compared to 1,003 in 2022.

Analysis of incidents recorded via the F5 Distributed Cloud platform, combined with insights from F5’s Security Incident Response and Threat Analytics and Reporting teams, also showed that organizations faced an average of 11 attacks in 2023. The most targeted organization was subject to 187 separate attacks during the year, including the largest single attack recorded by F5 Labs.

“Through a combination of geopolitical unrest, trivially exploited vulnerabilities, and the emergence of new botnets, denial-of-service incidents have exploded since our 2023 DDoS Attack Trends report in February 2023,” said David Warburton, director of F5 Labs. “Clearly, the threat from DDoS attacks is constantly evolving, and as this report shows, it is also growing. In a volatile environment, there can be no room for complacency.”

According to F5 Labs’ analysis, attack sizes remained high throughout 2023, staying consistently above 100 GB/s and many over 500 GB/s. February was the outlier, with the biggest attack of that month reaching less than 10 GBps.

“The early months of 2023 were defined by a major law enforcement operation undertaken by Europol and international partners in December 2022,” Warburton explained. “They intervened to shut down servers responsible for much DDoS activity, including one that had facilitated 30 million attacks. The impact of this was substantial but short-lived. After a notably quiet February, by March we observed the largest recorded attack of the year, and over the course of 2023 we saw DDoS attacks bounce back to higher levels of activity than before.”

Industries and geography in the firing line

The sharp rise in DDoS activity hit certain industries particularly hard in 2023. Software and computer services remained the most targeted and experienced more than twice the number of attacks in 2023 as the previous year. The sector was the target of 37% of all attacks, although they were relatively small in size, peaking with a 200 Gbps attack in November.

The biggest target was telecommunications, with companies in the industry being hit by a 655% increase in attacks last year, accounting for almost a quarter (23%) of all DDoS attacks recorded by F5 Labs in 2023.

The third-most targeted sector was support services, which accounted for 11% of total attacks. This sector was also subject to the largest recorded attack, which occurred in March and measured 1 Tbps. In this instance, threat actors attempted to take down the affected organization with a deluge of TCP SYN packets.

Media was another sector to experience a notable upsurge in attacks, highlighting DDoS’ shifting geopolitical dimensions. In a year where global tensions and conflict were rarely out of the headlines, F5 Labs recorded a 250% increase in denial-of-service attacks.

Just as relatively few sectors experienced the vast majority of attacks, they were also concentrated by country. Six nations—the United States, France, Saudi Arabia, Italy, Belgium, and the United Kingdom—were subject to 80% of all DDoS attacks last year. The US alone made up 38% of the total, with its organizations experiencing more than double the number of incidents as those in France, the second-most affected country.

The EMEA region as a whole endured 57% of all incidents in 2023, with incidents more than tripling compared to 2022. Throughout the year, there was a marked and consistent increase in both the quantity of attacks and their peak bandwidth. The mean peak bandwidth saw a dramatic rise from 50 Mbps in January to 5 GB by December. The largest attack occurred in June, measuring just under 500 GB.

“The DDoS landscape is more complicated than ever, as companies not only deal with a growing volume of attacks but also a range of activity that is not necessarily malicious but which can result in denial of service, such as reseller bots attempting to purchase large amounts of inventory or web scrapers seeking to obtain product and pricing information,” said Warburton.

“While many of the attacks monitored may be small, mitigation can be complex and remains essential. The duration of a DDoS attack may be fleeting, but its impact on reputation can be long-lasting. A managed service, monitored by experts who deal with DDoS attacks every day and backed by multi-terabit bandwidth capabilities, certainly offers the widest protection possible and can often be deployed with very little disruption. However, data privacy and compliance reasons may mean that organizations in some sectors need to retain at least an element of on-prem DDoS mitigation.”

For those that cannot wholly rely on a managed DDoS service, F5 Labs recommends deploying DNS firewalls, ensuring malicious IP addresses are blocked, and ensuring solutions are in place to identify bots and non-human traffic.

In addition, the report emphasizes the importance of safeguarding against new DoS attack vectors that often rely on unpatched software or hardware solutions. There is also an ongoing need to stay on top of geopolitical events. The F5 Labs report also emphasized that robust cyber threat intelligence is key to providing a deeper insight into threat actor activity and their intentions for conducting DDoS and other cyberattacks.

Also readAchieving Rapid Outcomes with AI-Driven Cloud Analytics

Do FollowCIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter 

About us:

CIO News is the premier platform dedicated to delivering the latest news, updates, and insights from the CIO industry. As a trusted source in the technology and IT sector, we provide a comprehensive resource for executives and professionals seeking to stay informed and ahead of the curve. With a focus on cutting-edge developments and trends, CIO News serves as your go-to destination for staying abreast of the rapidly evolving landscape of technology and IT. Founded in June 2020, CIO News has rapidly evolved with ambitious growth plans to expand globally, targeting markets in the Middle East & Africa, ASEAN, USA, and the UK.

CIO News is a proprietary of Mercadeo Multiventures Pvt Ltd.