Europe - The DDoS Battlefield Of 2022

Findings in the new Threat Landscape Report from the leading secure connectivity firm Arelion, cast a light on key global Distributed Denial-of-Service (DDoS) Attack trends observed in 2022 from traffic data on its #1 ranked Internet backbone, AS1299. The Report investigates the overall impact of DDoS attacks, the evolution of specific attacks vectors and the significance of major social and geopolitical events. 

The findings reveal that Europe saw the greatest concentration of DDoS activity in 2022, most likely consequences of the war in Ukraine.  As with previous years, DDoS attacks appear to reflect major geo-political challenges and social tensions and have become an increasingly significant part in the hybrid warfare arsenal. 

As the Ukrainian authorities sought a safe harbour for digital state registries and databases, Arelion saw the distribution of attacks move away from active conflict areas into global cloud centres, both as a result of damage to local network infrastructure, but also as local databases and applications were strategically migrated into the cloud. 

Elsewhere in the world, Arelion observed lower Asia-US DDoS activity and fewer DDoS attacks to and from South America in 2022. 

Attack Distribution & Intensity

In 2022, peak attack traffic in Mega Packets Per Second (Mpps) was up 19% from 2021. This trend reflects overall Internet traffic growth but is also due to a continuing shift towards fewer, but more spectacular attacks. Whilst there has been an increase in the number of large attacks (both in terms of bits and packets), the report reveals the vast majority of attacks are still small and mostly driven by free tier stress test or DDoS-as-a-Service attacks instigated by amateur cybercriminals. 

Arelion saw the biggest increase in the 5-20 & 20-50 Gbps attack ranges, mainly through DNS and NTP attacks, but also Memcache due to the method’s high amplification factor. Memcached softwrae is an open source general-purpose distributed memory-caching system used to speed up dynamic database-driven websites by caching data and objects in RAM to reduce the number of times an external data source need to be read.

In part attributable to the industry wide anti-spoofing initiative, the DDoS Traceback Working Group, the number of DDoS attacks on Arelion’s global backbone decreased by over 30% in 2022 - with 50% fewer attacks directed towards customers.

Mattias Fridström, Chief Evangelist at Arelion commented that “These findings reinforce the need for a basic level of customer protection to mitigate the abundant smaller attacks, together with a solid insurance policy for the larger ones... Thankfully we are seeing a power-shift in the DDoS arms race: there is now a more decisive response by network and IT infrastructure owners to cyber threats, and they are gradually starting to fight back with better cooperation and by closing the inherent weak spots in the network that cybercriminals have exploited for so long.” 

Arelion:     Image: BeeBright

You Might Also Read:

Reduce Vulnerabilities & Defend Your Brand Against DDoS Attacks:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Spy Agencies Warn Of New Threats From Chinese Hackers
Always-On Protection Using Immutable Storage »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Hiscox

Hiscox

Hiscox offers cyber and data risks insurance to protect your business against the risks of holding data and using computer systems..

Boxcryptor

Boxcryptor

Boxcryptor encrypts your sensitive files before uploading them to cloud storage services.

4iQ

4iQ

4iQ fuses surface, social, deep and dark web sources to research and assess risks to people, infrastructure, intellectual property and reputation.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Cloudmark

Cloudmark

Cloudmark is a trusted leader in intelligent threat protection against known and future attacks, safeguarding 12 percent of the world’s inboxes from wide-scale and targeted email threats.

Digi International

Digi International

Digi is a leading global provider of mission-critical and business-critical machine-to-machine (M2M) and Internet of Things (IoT) connectivity products and services.

Heidrick & Struggles International

Heidrick & Struggles International

Heidrick & Struggles is a premier provider of leadership consulting and senior-level executive search services for roles including Information & Technology Officers and Cybersecurity.

Pinpoint Search Group

Pinpoint Search Group

Pinpoint Search Group's recruiters specialize in Information Management, Cyber Security, Cloud and Robotic Process Automation (RPA).

CyberCX

CyberCX

CyberCX provides services from strategic consulting, security testing and training to world-class managed services and engineering solutions.

Snowflake

Snowflake

Empower your cybersecurity and compliance teams with Snowflake. Gain full visibility into security logs, at massive scale, while reducing costs of Security Information and Event Management systems.

Rede Nacional CSIRT

Rede Nacional CSIRT

Rede Nacional CSIRT is a national network of CSIRTs in Portugal aimed at cooperation and mutual assistance in the handling of incidents and in the sharing of good security practices.

UNS Inc.

UNS Inc.

UNS is a top services partner for multiple leaders in the global cybersecurity industry – we do business in 40 countries, including the United States, Canada, Chile, and Colombia.

Blattner Technologies

Blattner Technologies

Blattner Technologies mission is to be the leading provider of predictive transformation services and tools in the Data Analytics, Artificial Intelligence and Machine Learning industry.

Reaktr.ai

Reaktr.ai

Reaktr.ai is founded on the vision of using AI as a catalyst to propel industries into a future where we redefine what's possible. Fortify your cybersecurity defense with our AI-powered platform.

12Port

12Port

12Port network security solutions help companies tackle modern cybersecurity threats cost-effectively while implementing zero-trust architectures.

PlanNet 21 Communications

PlanNet 21 Communications

PlanNet 21 Communications is Ireland most specialised technology solution provider.