Europe - The DDoS Battlefield Of 2022

Findings in the new Threat Landscape Report from the leading secure connectivity firm Arelion, cast a light on key global Distributed Denial-of-Service (DDoS) Attack trends observed in 2022 from traffic data on its #1 ranked Internet backbone, AS1299. The Report investigates the overall impact of DDoS attacks, the evolution of specific attacks vectors and the significance of major social and geopolitical events. 

The findings reveal that Europe saw the greatest concentration of DDoS activity in 2022, most likely consequences of the war in Ukraine.  As with previous years, DDoS attacks appear to reflect major geo-political challenges and social tensions and have become an increasingly significant part in the hybrid warfare arsenal. 

As the Ukrainian authorities sought a safe harbour for digital state registries and databases, Arelion saw the distribution of attacks move away from active conflict areas into global cloud centres, both as a result of damage to local network infrastructure, but also as local databases and applications were strategically migrated into the cloud. 

Elsewhere in the world, Arelion observed lower Asia-US DDoS activity and fewer DDoS attacks to and from South America in 2022. 

Attack Distribution & Intensity

In 2022, peak attack traffic in Mega Packets Per Second (Mpps) was up 19% from 2021. This trend reflects overall Internet traffic growth but is also due to a continuing shift towards fewer, but more spectacular attacks. Whilst there has been an increase in the number of large attacks (both in terms of bits and packets), the report reveals the vast majority of attacks are still small and mostly driven by free tier stress test or DDoS-as-a-Service attacks instigated by amateur cybercriminals. 

Arelion saw the biggest increase in the 5-20 & 20-50 Gbps attack ranges, mainly through DNS and NTP attacks, but also Memcache due to the method’s high amplification factor. Memcached softwrae is an open source general-purpose distributed memory-caching system used to speed up dynamic database-driven websites by caching data and objects in RAM to reduce the number of times an external data source need to be read.

In part attributable to the industry wide anti-spoofing initiative, the DDoS Traceback Working Group, the number of DDoS attacks on Arelion’s global backbone decreased by over 30% in 2022 - with 50% fewer attacks directed towards customers.

Mattias Fridström, Chief Evangelist at Arelion commented that “These findings reinforce the need for a basic level of customer protection to mitigate the abundant smaller attacks, together with a solid insurance policy for the larger ones... Thankfully we are seeing a power-shift in the DDoS arms race: there is now a more decisive response by network and IT infrastructure owners to cyber threats, and they are gradually starting to fight back with better cooperation and by closing the inherent weak spots in the network that cybercriminals have exploited for so long.” 

Arelion:     Image: BeeBright

You Might Also Read:

Reduce Vulnerabilities & Defend Your Brand Against DDoS Attacks:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Spy Agencies Warn Of New Threats From Chinese Hackers
Always-On Protection Using Immutable Storage »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ASIS International

ASIS International

ASIS International is a global community of security practitioners with a role in the protection of assets - people, property, and/or information.

Armor

Armor

Armor provide managed cloud security solutions for public, private, hybrid or on-premise cloud environments.

BA-CSIRT

BA-CSIRT

BA-CSIRT is a center which is dedicated to assist and raise awareness among citizens and the Government of the City of Buenos Aires in everything related to information security.

CI-CERT

CI-CERT

CI-CERT is the national Computer Incident Response Team for Cote d'Ivoire.

VXRL

VXRL

VXRL is a Hong Kong-based cybersecurity company. We provide consulting services, penetration testing, and corporate training.

FirstPoint Mobile Guard

FirstPoint Mobile Guard

FirstPoint Mobile Guard has developed the market’s most advanced solution for securing cellular devices, including mobile phones and IoT products, by blocking malicious data leakage.

Scantist

Scantist

Scantist is a cyber-security spin-off from Nanyang Technological University (Singapore) which leverages its expertise to provide vulnerability management solutions to enterprise clients.

Department of Justice - Office of Cybercrime (DOJ-OOC)

Department of Justice - Office of Cybercrime (DOJ-OOC)

The Office of Cybercrime within the Philippines Department of Justice is the Central Authority in all matters relating to international mutual assistance and extradition for cybercrime.

Sierra Ventures

Sierra Ventures

Sierra Ventures is an early-stage venture firm investing globally with a focus on Next Generation Enterprise and Emerging Technologies.

Newberry Group

Newberry Group

The Newberry Group provides comprehensive IT services and solutions that optimize operations, minimize risk and deliver measurable business value.

DKBInnovative

DKBInnovative

DKBinnovative is a best-practice driven IT management firm that provides secure, reliable IT solutions to productivity-focused clients around the globe.

The CyberWire

The CyberWire

The CyberWire gets people up to speed on cyber quickly and keeps them a step ahead in a continually changing industry.

Aeries Technology

Aeries Technology

Aeries is a technology services organization offering capabilities in Technology Services, Digital Transformation, and Business Process Management.

Occentus Network

Occentus Network

Occentus Network is a telecommunications service provider specialized in High Availability Servers & managed Cloud services.

Brightside AI

Brightside AI

Brightside AI is a Swiss cybersecurity SaaS that helps teams combat AI-enabled phishing threats. Protect your team today.

Velstadt Cybersecurity

Velstadt Cybersecurity

Velstadt's team of experienced professionals works on identifying vulnerabilities, analyzing threats, and developing strategies to ensure the highest level of security.