Distributed Denial of Service (DDoS) attacks have become a dominant means of waging cyberwarfare linked to sociopolitical events such as elections, civil protests, and policy disputes.

Findings from NetScout’s 2H2024 DDoS Threat Intelligence report show how attackers exploit moments of national vulnerability to amplify chaos and erode trust in institutions, as they target the critical infrastructure of governments, commercial entities and service providers.

Throughout the year, DDoS attacks were intricately tied to social/political events, including Israel experiencing a 2 844% surge tied to hostage rescues and political conflicts; Georgia enduring a 1 489% increase during the lead-up to the passage of the “Russia Bill”; Mexico having a 218% increase during national elections; and the UK experiencing a 152% increase on the day the Labour Party resumed session in Parliament.

“DDoS has emerged as the go-to tool for cyberwarfare,” states Richard Hummel, director: threat intelligence at NetScout. “NoName057(16) continues to be the leading actor for politically motivated DDoS campaigns targeting governments, infrastructure, and organisations. In 2024, they repeatedly targeted government services in the UK, Belgium, and Spain.”

DDoS-for-hire services have become more powerful, using AI to bypass CAPTCHAs; about nine in ten platforms now offer this capability.

Additionally, many employ automation to enable dynamic, multi-target campaigns and offer infrastructure exploitation techniques such as carpet bombing, geo-spoofing, and the use of IPv6 to expand attack surfaces.

Even the most novice operators can launch significant DDoS attack campaigns that cause substantial harm.

Enterprise servers and routers have been exploited to intensify attacks and make remediation more challenging. Overall botnet populations declined by 5% but demonstrated strong resiliency despite concerted takedown efforts.

Law enforcement takedown efforts, like Operation PowerOFF, continue to target DDoS-for-hire services, but they only momentarily disrupt attack platforms, as new platforms take their place.

The long-term impact is uncertain as attackers adapt and reconstitute their networks, with no significant decline in global attack volume.

DDoS attacks are evolving and adapting faster than ever, creating a challenge for defenders and those entrusted with protecting critical infrastructure networks and service availability. Enterprises, government organisations, and service providers are all targets for DDoS attacks.

Successful strategies must deploy proactive intelligence-driven methodologies and automation to mitigate modern-day DDoS attacks effectively.

Staying ahead of new threats demands that organisations outmanoeuvre an adversary that can force-multiply its strength, speed, intelligence, and persistence like nothing the world has ever seen.