Adversaries launched more than 9.7 million DDoS attacks in 2021, just 3 percent shy of the record-breaking 10 million seen in 2020 and a whopping 14 percent more than seen pre-pandemic in 2019.
Netscout Systems today announced findings from its bi-annual Threat Intelligence Report. The report details how the second half of 2021 established high-powered botnet armies and rebalanced the scales between volumetric and direct-path (non-spoofed) attacks, creating more sophisticated operating procedures for attackers and adding new tactics, techniques, and methods to their arsenals.
The second half of 2021 ushered in a new focus by adversaries, who launched direct-path (non-spoofed) DDoS attacks using botnets and TCP-based floods. This coincided with a drop in DNS and CLDAP amplification, resulting in a decrease in attacks across most countries and regions. The turning point for this decline occurred just before Omicron was discovered, as COVID-19 restrictions were easing and people began returning to physical offices and classrooms. With less time to engage in malicious activity, and fewer DDoS attacks as a result, threat actors certainly lend credence to the proverb that idle hands are the devil’s workshop.
“While it may be tempting to look at the decrease in overall attacks as threat actors scaling back their efforts, we saw significantly higher activity compared to pre-pandemic levels,” said Richard Hummel, threat intelligence lead, NETSCOUT. “The reality is that attackers are constantly innovating and adapting new techniques, including the use of server-class botnets, DDoS-for-Hire services, and increased use of direct-path attacks that continually perpetuate the advancement of the threat landscape,” he added.
Adversaries launched more than 9.7 million DDoS attacks in 2021, just 3 percent shy of the record-breaking 10 million seen in 2020 and a whopping 14 percent more than seen pre-pandemic in 2019. So, although it’s tempting to simply look at the decrease in overall attacks as threat actors resting on their laurels, the reality is that attackers are innovating and adapting new techniques and methodologies to strengthen and monetize their nefarious behavior.
Notable findings from the NETSCOUT 2H2021 Threat Intelligence Report include:
- DDoS Extortion and Ransomware Operations are on the rise. Three high-profile DDoS extortion campaigns operating simultaneously is a new high. Ransomware gangs including Avaddon, REvil, BlackCat, AvosLocker, and Suncrypt were observed using DDoS to extort victims. Because of their success, ransomware groups now have DDoS extortion operators masquerading as their affiliates, as in the recent REvil DDoS Extortion campaign.
 - VOIP Services were Targets of DDoS Extortion. Worldwide DDoS extortion attack campaigns from the REvil copycat were waged against several VOIP service providers. One VOIP service provider reported $9M-$12M in revenue loss due to DDoS attacks.
 - DDoS-for-Hire services made attacks easy to launch. NETSCOUT examined 19 DDoS-for-Hire services and their capabilities that eliminate the technical requirements and cost of launching massive DDoS attacks. When combined, they offer more than 200 different attack types.
 - APAC attacks increased by 7 percent as other regions subsided. Amid ongoing geopolitical tensions in China, Hong Kong, and Taiwan, the Asia-Pacific region saw the most significant increase in attacks year over year compared to other regions.
 - Server-class botnet armies arrived. Cybercriminals have not only increased the number of Internet-of-Things (IoT) botnets but have also conscripted high-powered servers and high-capacity network devices, as seen with the GitMirai, Meris, and Dvinis botnets.
 - Direct-path attacks are gaining in popularity. Adversaries inundated organizations with TCP- and UDP-based floods, otherwise known as direct-path or non-spoofed attacks. Meanwhile, a decrease in some amplification attacks drove down the number of total attacks.
 - Attackers targeted select industries. Those hardest hit include software publishers (606 percent increase), insurance agencies and brokers (257 percent increase), computer manufacturers (162 percent increase), and colleges, universities, and professional schools (102 percent increase).
 - The fastest DDoS attack recorded a 107 percent year-over-year increase. Using DNS, DNS amplification, ICMP, TCP, ACK, TCP RST, and TCP SYN vectors, the multi-vector attack against a target in Russia recorded 453 Mpps.
 
 
 
 
  
  
  
  