Europe - The DDoS Battlefield Of 2022

Findings in the new Threat Landscape Report from the leading secure connectivity firm Arelion, cast a light on key global Distributed Denial-of-Service (DDoS) Attack trends observed in 2022 from traffic data on its #1 ranked Internet backbone, AS1299. The Report investigates the overall impact of DDoS attacks, the evolution of specific attacks vectors and the significance of major social and geopolitical events. 

The findings reveal that Europe saw the greatest concentration of DDoS activity in 2022, most likely consequences of the war in Ukraine.  As with previous years, DDoS attacks appear to reflect major geo-political challenges and social tensions and have become an increasingly significant part in the hybrid warfare arsenal. 

As the Ukrainian authorities sought a safe harbour for digital state registries and databases, Arelion saw the distribution of attacks move away from active conflict areas into global cloud centres, both as a result of damage to local network infrastructure, but also as local databases and applications were strategically migrated into the cloud. 

Elsewhere in the world, Arelion observed lower Asia-US DDoS activity and fewer DDoS attacks to and from South America in 2022. 

Attack Distribution & Intensity

In 2022, peak attack traffic in Mega Packets Per Second (Mpps) was up 19% from 2021. This trend reflects overall Internet traffic growth but is also due to a continuing shift towards fewer, but more spectacular attacks. Whilst there has been an increase in the number of large attacks (both in terms of bits and packets), the report reveals the vast majority of attacks are still small and mostly driven by free tier stress test or DDoS-as-a-Service attacks instigated by amateur cybercriminals. 

Arelion saw the biggest increase in the 5-20 & 20-50 Gbps attack ranges, mainly through DNS and NTP attacks, but also Memcache due to the method’s high amplification factor. Memcached softwrae is an open source general-purpose distributed memory-caching system used to speed up dynamic database-driven websites by caching data and objects in RAM to reduce the number of times an external data source need to be read.

In part attributable to the industry wide anti-spoofing initiative, the DDoS Traceback Working Group, the number of DDoS attacks on Arelion’s global backbone decreased by over 30% in 2022 - with 50% fewer attacks directed towards customers.

Mattias Fridström, Chief Evangelist at Arelion commented that “These findings reinforce the need for a basic level of customer protection to mitigate the abundant smaller attacks, together with a solid insurance policy for the larger ones... Thankfully we are seeing a power-shift in the DDoS arms race: there is now a more decisive response by network and IT infrastructure owners to cyber threats, and they are gradually starting to fight back with better cooperation and by closing the inherent weak spots in the network that cybercriminals have exploited for so long.” 

Arelion:     Image: BeeBright

You Might Also Read:

Reduce Vulnerabilities & Defend Your Brand Against DDoS Attacks:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Spy Agencies Warn Of New Threats From Chinese Hackers
Always-On Protection Using Immutable Storage »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Linklaters LLP

Linklaters LLP

Linklaters is an international law firm. Practice areas include Information Management and Data Protection.

Nordic IT Security

Nordic IT Security

Nordic IT Security is a cyber security business forum in Scandinavia bringing together the converging worlds of IT, Cyber and Information Security.

Software Factory

Software Factory

Software Factory develops custom-built high-performance software solutions and products for applications including industrial cyber security.

Heimdal Security

Heimdal Security

Heimdal Security provides proactive protection against cyber threats including ransomware, exploit kits and financial malware.

Software Engineering Institute (SEI)

Software Engineering Institute (SEI)

At the CERT Division of SEI we study and solve cybersecurity problems, research security vulnerabilities in software, and develop information and training to help improve cybersecurity.

Aptiv

Aptiv

Aptiv is a global technology company that develops safer, greener and more connected solutions enabling the future of mobility.

Extreme Protocol Solutions (EPS)

Extreme Protocol Solutions (EPS)

Extreme Protocol Solutions is an industry leading Data Sanitization Software, Hardware and Onsite Service Provider.

SparkLabs Cyber + Blockchain

SparkLabs Cyber + Blockchain

SparkLabs Cyber + Blockchain accelerator is located in Washington D.C. which is one of the world's top cybersecurity ecosystems.

PatrOwl

PatrOwl

Automate your SecOps with PatrOwl, and start defending your assets efficiently.

DMARC360

DMARC360

DMARC360 analyzes your email traffic patterns and sources, rapidly deploys email authentication protocols and monitors your email domains with automated recommendations and incident response.

Blue Lance

Blue Lance

Blue Lance is a global provider of cybersecurity governance solutions. Our software solutions automatically collect and store the information necessary for investigations, audit and compliance.

QuoLab

QuoLab

QuoLab empowers security professionals to analyze, investigate and respond to threats within an integrated ecosystem.

Sotero

Sotero

Sotero is the first cloud-native, zero trust data security platform that consolidates your entire security stack into one easy-to-manage environment.

iSPIRAL IT Solutions

iSPIRAL IT Solutions

iSPIRAL is a leading regulatory technology software provider delivering state-of-art AML, KYC, Risk and Compliance solutions.

S2W

S2W

S2W is a data intelligence company specialized in cyber threat intelligence, brand/digital abuse, and blockchain.

Harness

Harness

Harness delivers an end-to-end software delivery platform that helps engineering teams achieve the highest levels of engineering excellence.