SIITF
SNA

HOME
NEWS

Bad Actors Innovate, Extort and Launch 9.7M DDoS Attacks in 2021: NETSCOUT Threat Intelligence Report

Bad Actors Innovate, Extort and Launch 9.7M DDoS Attacks in 2021: NETSCOUT Threat Intelligence Report

NETSCOUT SYSTEMS, INC., (NASDAQ: NTCT) today announced findings from its bi-annual Threat Intelligence Report. During the second half of 2021, cybercriminals launched approximately 4.4 million Distributed Denial of Service (DDoS) attacks, bringing the total number of DDoS attacks in 2021 to 9.75 million. These attacks represent a 3% decrease from the record number set during the height of the pandemic but continue at a pace that's 14% above pre-pandemic levels.

 

The report details how the second half of 2021 established high-powered botnet armies and rebalanced the scales between volumetric and direct-path (non-spoofed) attacks, creating more sophisticated operating procedures for attackers and adding new tactics, techniques, and methods to their arsenals.

 

“While it may be tempting to look at the decrease in overall attacks as threat actors scaling back their efforts, we saw significantly higher activity compared to pre-pandemic levels,” said Richard Hummel, threat intelligence lead, NETSCOUT. “The reality is that attackers are constantly innovating and adapting new techniques, including the use of server-class botnets, DDoS-for-Hire services, and increased used direct-path attacks that continually perpetuate the advancement of the threat landscape.”

 

Other key findings from the NETSCOUT 2H2021 Threat Intelligence Report include:

 

DDoS Extortion and Ransomware Operations are on the rise. Three high-profile DDoS extortion campaigns simultaneously operating is a new high. Ransomware gangs including Avaddon, REvil, BlackCat, AvosLocker, and Suncrypt were observed using DDoS to extort victims. Because of their success, ransomware groups have DDoS extortion operators masquerading as affiliates like the recent REvil DDoS Extortion campaign.

 

VOIP Services were Targets of DDoS Extortion. Worldwide DDoS extortion attack campaigns from the REvil copycat were waged against several VOIP services providers. One VOIP service provider reported $9M-$12M in revenue loss due to DDoS attacks.

 

DDoS-for-Hire services made attacks easy to launch. NETSCOUT examined 19 DDoS-for-Hire services and their capabilities that eliminate the technical requirements and cost of launching massive DDoS attacks. When combined, they offer more than 200 different attack types.

 

APAC attacks increased by 7% as other regions subsided. Amid ongoing geopolitical tensions in China, Hong Kong, and Taiwan, the Asia-Pacific region saw the most significant increase in attacks year over year compared to other regions.

 

Server-class botnet armies arrived. Cybercriminals have not only increased the number of Internet-of-Things (IoT) botnets but have also conscripted high-powered servers and high-capacity network devices, as seen with the GitMirai, Meris, and Dvinis botnets.

 

Direct-path attacks are gaining in popularity. Adversaries inundated organizations with TCP- and UDP-based floods, otherwise known as direct-path or non-spoofed attacks. Meanwhile, a decrease in some amplification attacks drove down the number of total attacks.

 

Attackers targeted select industries. Those hardest hit include software publishers (606% increase), insurance agencies and brokers (257% increase), computer manufacturers (162% increase), and colleges, universities, and professional schools (102% increase)

 

The fastest DDoS attack recorded a 107% year-over-year increase. Using DNS, DNS amplification, ICMP, TCP, ACK, TCP RST, and TCP SYN vectors, the multi-vector attack against a target in Russia recorded 453 Mpps.

 

NETSCOUT's Threat Intelligence Report covers the latest trends and activities in the DDoS threat landscape. It covers data captured from NETSCOUT's Active Level Threat Analysis System (ATLAS™) coupled with insights from NETSCOUT's ATLAS Security Engineering & Response Team.

 

The visibility and insights compiled from the global DDOS attack data, which is represented in the Threat Intelligence Report and can be seen in the Omnis Threat Horizon portal, fuel the ATLAS Intelligence Feed used across NETSCOUT's Omnis security portfolio to detect and block threat activity for enterprises and service providers worldwide.

See What’s Next in Tech With the Fast Forward Newsletter

SECURITY
View All
FortiGuard Labs forecasts Generative AI and CaaS operations to facilitate cyberattacks
Technology

FortiGuard Labs forecasts Generative AI and CaaS operations to facilitate cyberattacks

by VARINDIA 2023-11-29
77% Organizations Fall Victim to Repeated Cyberattacks: Trellix
Technology

77% Organizations Fall Victim to Repeated Cyberattacks: Trellix

by VARINDIA 2023-11-28
Trellix Detects Collaboration by Cybercriminals and Nation-States
Technology

Trellix Detects Collaboration by Cybercriminals and Nation-States

by VARINDIA 2023-11-23
SOFTWARE
View All
HPE boosts business transformation with new AI-native architecture and hybrid cloud solutions
Technology

HPE boosts business transformation with new AI-native architecture and hybrid cloud solutions

by VARINDIA 2023-12-01
Kyndryl extends partnership with AWS to accelerate mainframe application modernization for Customers
Technology

Kyndryl extends partnership with AWS to accelerate mainframe application modernization for Customers

by VARINDIA 2023-12-01
Tata Tele Business Services and Truecaller join hands to offer ‘Verified Business Caller ID Solution’
Technology

Tata Tele Business Services and Truecaller join hands to offer ‘Verified Business Caller ID Solution’

by VARINDIA 2023-11-30
START - UP
View All
NeevCloud launches the country’s first Made in India AI SuperCloud
Technology

NeevCloud launches the country’s first Made in India AI SuperCloud

by VARINDIA 2023-11-23
ZEE & nasscom forge partnership to support Generative AI Startups
Technology

ZEE & nasscom forge partnership to support Generative AI Startups

by VARINDIA 2023-11-23
Startup Odisha Spotlights 20 Startups at Day 1 of FundStack 3.0
Technology

Startup Odisha Spotlights 20 Startups at Day 1 of FundStack 3.0

by VARINDIA 2023-11-22

Tweets From @varindiamag

CIO - SPEAK
Automation has the potential to greatly improve efficiency and production

Automation has the potential to greatly improve efficiency and production

by VARINDIA
Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

by VARINDIA
Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

by VARINDIA
Start-Up and Unicorn Ecosystem
Mystifly to transform travel technology with Google Cloud

Mystifly to transform travel technology with Google Cloud

by VARINDIA
Affle strengthens its global tech IP portfolio with 15 patents

Affle strengthens its global tech IP portfolio with 15 patents

by VARINDIA
Noventiq rolls out Weaver Peer, a knowledge-based AI assistant

Noventiq rolls out Weaver Peer, a knowledge-based AI assistant

by VARINDIA
Oracle supports healthcare organizations with new capabilities

Oracle supports healthcare organizations with new capabilities

by VARINDIA
NetApp renews its partnership with Microsoft

NetApp renews its partnership with Microsoft

by VARINDIA
Varonis expands its Generative AI capabilities with launch of Athena AI

Varonis expands its Generative AI capabilities with launch of Athena AI

by VARINDIA
Mika named as the world's first robot CEO

Mika named as the world's first robot CEO

by VARINDIA
Technicolor Creative Studios integrates Dell infrastructure solutions for IT transformation

Technicolor Creative Studios integrates Dell infrastructure solutions for IT transformation

by VARINDIA
Katonic AI and Mindfields Global Join Forces to Integrate Automation with GenAI

Katonic AI and Mindfields Global Join Forces to Integrate Automation with GenAI

by VARINDIA
Spirent and Cadence partner to offer advanced chipset testing

Spirent and Cadence partner to offer advanced chipset testing

by VARINDIA