Europe - The DDoS Battlefield Of 2022

Findings in the new Threat Landscape Report from the leading secure connectivity firm Arelion, cast a light on key global Distributed Denial-of-Service (DDoS) Attack trends observed in 2022 from traffic data on its #1 ranked Internet backbone, AS1299. The Report investigates the overall impact of DDoS attacks, the evolution of specific attacks vectors and the significance of major social and geopolitical events. 

The findings reveal that Europe saw the greatest concentration of DDoS activity in 2022, most likely consequences of the war in Ukraine.  As with previous years, DDoS attacks appear to reflect major geo-political challenges and social tensions and have become an increasingly significant part in the hybrid warfare arsenal. 

As the Ukrainian authorities sought a safe harbour for digital state registries and databases, Arelion saw the distribution of attacks move away from active conflict areas into global cloud centres, both as a result of damage to local network infrastructure, but also as local databases and applications were strategically migrated into the cloud. 

Elsewhere in the world, Arelion observed lower Asia-US DDoS activity and fewer DDoS attacks to and from South America in 2022. 

Attack Distribution & Intensity

In 2022, peak attack traffic in Mega Packets Per Second (Mpps) was up 19% from 2021. This trend reflects overall Internet traffic growth but is also due to a continuing shift towards fewer, but more spectacular attacks. Whilst there has been an increase in the number of large attacks (both in terms of bits and packets), the report reveals the vast majority of attacks are still small and mostly driven by free tier stress test or DDoS-as-a-Service attacks instigated by amateur cybercriminals. 

Arelion saw the biggest increase in the 5-20 & 20-50 Gbps attack ranges, mainly through DNS and NTP attacks, but also Memcache due to the method’s high amplification factor. Memcached softwrae is an open source general-purpose distributed memory-caching system used to speed up dynamic database-driven websites by caching data and objects in RAM to reduce the number of times an external data source need to be read.

In part attributable to the industry wide anti-spoofing initiative, the DDoS Traceback Working Group, the number of DDoS attacks on Arelion’s global backbone decreased by over 30% in 2022 - with 50% fewer attacks directed towards customers.

Mattias Fridström, Chief Evangelist at Arelion commented that “These findings reinforce the need for a basic level of customer protection to mitigate the abundant smaller attacks, together with a solid insurance policy for the larger ones... Thankfully we are seeing a power-shift in the DDoS arms race: there is now a more decisive response by network and IT infrastructure owners to cyber threats, and they are gradually starting to fight back with better cooperation and by closing the inherent weak spots in the network that cybercriminals have exploited for so long.” 

Arelion:     Image: BeeBright

You Might Also Read:

Reduce Vulnerabilities & Defend Your Brand Against DDoS Attacks:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Spy Agencies Warn Of New Threats From Chinese Hackers
Always-On Protection Using Immutable Storage »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Horangi

Horangi

Horangi provides security products and services that enable the rapid delivery of Incident Response and threat detection for our customers who lack the scale, expertise, or time to do it themselves.

NanoLock Security

NanoLock Security

NanoLock delivers the industry’s only end-to-end platform for the IoT and connected devices ecosystem.

Crypto Quantique

Crypto Quantique

Crypto Quantique's ground-breaking technology radically simplifies the process of generating a hardware root of trust in an IoT device.

Global Accelerator Network (GAN)

Global Accelerator Network (GAN)

Global Accelerator Network are a highly curated community of independent Accelerators, Partners and Investors.

Activu

Activu

Activu makes any information visible, collaborative, and proactive for people tasked with monitoring critical operations including network security.

Ampere Industrial Security

Ampere Industrial Security

Ampere is an industrial security firm. We specialize in industrial control systems (ICS) and operational technology (OT) security.

BaaSid

BaaSid

BaaSid is next generation security technology for data security & security authentication based on De-centralized & Blockchain.

Plante Moran

Plante Moran

Plante Moran is a leading audit, tax, consulting, and wealth management firm. Areas of consulting expertise include cybersecurity.

VP Techno Labs

VP Techno Labs

VP Techno Labs is an award-winning cybersecurity firm focusing only cybersecurity to develop cutting edge solutions for emerging business.

OccamSec

OccamSec

OccamSec is a leading provider in the world of cybersecurity. We provide accurate, actionable information to reduce risk and enable better informed decisions.

QFunction

QFunction

QFunction works within your existing security stack to detect anomalies and threats within your data.

Secolve

Secolve

Secolve is Australia’s next generation OT specialist cyber security firm, working with key industries to protect the nation’s critical infrastructure.

Worksent Technologies

Worksent Technologies

Worksent is a Trusted white-label offshore support partner for MSPs and MSSPs.

Averlon

Averlon

Averlon offers organizations peerless cloud security through Panoptic Cloud Visibility, Predictive Attack Intelligence and Rapid Remediation.

Pulsar Security

Pulsar Security

Pulsar Security is a team of highly skilled, offensive cybersecurity professionals with the industry's most esteemed credentials and advanced real-world experience.

Vantor

Vantor

Vantor is a Managed Security Services Provider (MSSP) that specializes in providing outsourced, managed cybersecurity services.