A report by Cloudflare highlights that sophisticated DDoS attacks across the globe reached 5.4 trillion in Q2 2023, an increase of 15% as compared to Q1 2023. While many of these DDoS attacks lasted for a few minutes or seconds, recovering from these attacks was a lengthy process, impacting daily operations and businesses.
Key findings
Cryptocurrency companies alone witnessed the highest number of attacks (600%) worldwide, while management consulting and non-profit sectors were the most targeted due to their traffic.
The U.S. suffered the highest number of attacks, followed by Canada and Singapore.
HTTP DDoS attacks continue to be an emerging threat as researchers noted an increase of 15% QoQ. The attacks were seen across Mozambique, Egypt, and Finland.
Contributing factors
One of the factors associated with the pro-Russia hacker groups REvil, Killnet, and Anonymous Sudan targeting Western websites amid the war in Ukraine.
In June, these attackers launched around 10,000 DDoS attacks targeting finance, computer software, gambling, gaming, telecommunications, and media companies.
A zero-day vulnerability (CVE-2022-26143), disclosed in March, exposed Mitel Business phone systems to UDP amplification DDoS attacks that reached as high as 220 billion percent.
Furthermore, a rise in botnets such as Tsunami and AndoryuBot contributed to the surge in DDoS attacks.
One such attack targeting an American ISP had peaked at 1.4 TBps and comprised approximately 11K IP addresses. It was launched using a Mirai-variant botnet.
A new attack tool discovered
Amidst the rise in such threats, a lesser-known Russian group called NoName has revamped the DDoSia attack tool kit to launch more intensive DDoS attacks against Western countries.
Written in Golang, the tool is capable of targeting systems using Windows, Linux, and macOS. It implements an additional layer of security to mask the list of targets, making the analysis process challenging.
Wrapping up
The DDoS threat landscape is evolving and increasingly becoming more complex, demanding more than just traditional security practices. Therefore, organizations must deploy multi-layered defenses and DDoS protection systems to navigate through such attacks. Enabling firewalls, and having good internet security solutions are recommended to ensure safer internet browsing.