DDoS Attacks Skyrocket and Hacktivist Activity Surges Threatening Critical Global Infrastructure According to NETSCOUT’s 1H2024 Threat Intelligence Report
NETSCOUT's 1H2024 DDoS Threat Intelligence Report reveals a 43% increase in application-layer attacks and a 30% rise in volumetric attacks, particularly in Europe and the Middle East. Hacktivists are targeting critical infrastructure in banking, financial services, government, and utilities sectors. Key findings include:
1. NoName057(16), a pro-Russia hacktivist group, increased focus on application-layer attacks.
2. Bot-infected devices increased by 50% with the emergence of the Zergeca botnet.
3. Distributed botnet C2 infrastructure using bots as control nodes for more resilient attacks.
4. Over 75% of new networks are involved in DDoS activities within 42 days of coming online.
These sophisticated attacks pose significant threats to global organizations, disrupting vital civilian services and straining networks worldwide. NETSCOUT emphasizes the need for enhanced detection and mitigation strategies to combat evolving threats.
Hacktivists Escalate Sophisticated, Multi-Vector Assaults on Banking and Financial Services, Government, and Utilities
“Hacktivist activities continue to plague global organizations with more sophisticated and coordinated DDoS attacks against multiple targets simultaneously,” stated Richard Hummel, director, threat intelligence, NETSCOUT. “As adversaries use more resilient, take-down-resistant networks, detection and mitigation are more challenging. This report gives network operations teams insights to fine-tune their strategies to stay ahead of these evolving threats.”
Attack Sophistication Strains Networks Worldwide
DDoS attacks continue to evolve, using innovative technologies and approaches to disrupt networks. During 1H2024, NETSCOUT observed several significant trends, including:
- NoName057(16), a pro-Russia hacktivist group, increased its focus on application-layer attacks, particularly HTTP/S GET and POST floods, leading to a 43% rise compared to 1H2023.
- Bot-infected devices increased by 50% with the emergence of the Zergeca botnet -- and the continued evolution of the DDoSia botnet used by NoName057(16) -- which uses advanced technologies like DNS over HTTPS (DoH) for command-and-control (C2).
- Distributed botnet C2 infrastructure leveraging bots as control nodes, enabling more decentralized and resilient DDoS attack coordination.
These attacks have triggered widespread disruptions, affecting industries on a global scale. Service slowdowns or outages can cripple revenue streams, delay critical operations, hinder productivity, and significantly elevate organizational risks.
Attackers Targeting New Networks
NETSCOUT also found that the emergence of new networks and autonomous system numbers (ASNs) plays a pivotal role in increased DDoS activity. Over
NETSCOUT’s global internet visibility is backed by decades of experience working with the world’s largest service providers and enterprises. It collects, analyzes, prioritizes, and disseminates data on DDoS attacks from 216 countries and territories, 470 vertical industries, and over 14,000 ASNs. Powered by its ATLAS platform, the company gains insights from more than 500 terabits per second (Tbps) of internet peering network traffic.
Visit our interactive website for more information on NETSCOUT's DDoS Threat Intelligence Report. For real-time DDoS attack stats, map, and insights, visit NETSCOUT Cyber Threat Horizon.
About NETSCOUT
NETSCOUT SYSTEMS, INC. (NASDAQ: NTCT) protects the connected world from cyberattacks and performance and availability disruptions through its unique visibility platform and solutions powered by its pioneering deep packet inspection at scale technology. NETSCOUT serves the world’s largest enterprises, service providers, and public sector organizations. Learn more at www.netscout.com or follow @NETSCOUT on LinkedIn, X, or Facebook.
©2024 NETSCOUT SYSTEMS, INC. All rights reserved. Third-party trademarks mentioned are the property of their respective owners.
View source version on businesswire.com: https://www.businesswire.com/news/home/20241002390460/en/
Editorial:
Chris Lucas
NETSCOUT Systems, Inc.
+1 978-614-4124
chris.lucas@netscout.com
Chris Shattuck
Finn Partners for NETSCOUT
+1 404-502-6755
NETSCOUT-US@FinnPartners.com
Source: NETSCOUT SYSTEMS, INC