Cybercriminal attacks accelerate global cybersecurity crisis according to 1H2021 NETSCOUT threat intelligence report

 Approximately 5.4 million DDoS attacks represent an 11% increase over 1H2020 on pace to surpass the previous year's record with far-reaching impact on critical Internet gateways

  
Richard Hummel

Richard Hummel

In the wake of Colonial Pipeline, JBS, Harris Federation, Australian broadcaster Channel Nine, CNA Financial, and several other high-profile attacks, the impact of DDoS and other cybersecurity attacks has been felt worldwide. As a result, leading governments are introducing new programs and policies to defend against attacks, and policing organizations are initiating unprecedented collaborative efforts to address the crisis.

During 1H2021, cybercriminals weaponized and exploited seven newer reflection/amplification DDoS attack vectors putting organizations at greater risk. This attack vector explosion spurred an increase in multivector DDoS attacks with a record-setting 31 attack vectors deployed in a single attack against one organization.

Other key findings from the NETSCOUT 1H2021 Threat Intelligence Report include:

  • New adaptive DDoS attack techniques evade traditional defenses. By customizing their strategies, cybercriminals evolved their attack efforts to bypass cloud-based and on-premise static DDoS defenses to target commercial banks and credit card processors.
  • Connectivity supply chain increasingly under attack. Bad actors looking to cause the most collateral damage focused their efforts on vital internet components, including DNS servers, virtual private network (VPN) concentrators, services, and internet exchanges, disrupting essential gateways.
  • Cybercriminals add DDoS to their toolkit to launch triple extortion campaigns. Ransomware has become big business, with extortionists adding DDoS to their attack regimen to ratchet up the pressure on victims and add stress to security teams. Triple extortion combines file encryption, data theft, and DDoS attacks, increasing the possibility that cyber criminals receive payment.
  • The fastest DDoS attack recorded a 16.17% year-over-year increase. A Brazilian wireline broadband internet user launched the attack, which was likely related to online gaming. Using DNS reflection/amplification, TCP ACK flood, TCP RST flood, and TCP SYN/ACK reflection/amplification vectors, the sophisticated attack recorded 675 Mpps.
  • The largest DDoS attack, 1.5 Tbps, represented a year-over-year increase of 169%. ASERT data identified this attack against a German ISP, deploying a DNS reflection/amplification vector. This attack represents a dramatic increase in size over any attacks recorded in 1H2020.
  • Botnets contribute to major DDoS activity - Tracked botnet clusters and high-density attack-source zones worldwide showcased how malicious adversaries abused these botnets to participate in more than 2.8 million DDoS attacks. In addition, well-known IoT botnets Gafgyt and Mirai continue to pose a severe threat contributing to more than half of the total number of DDoS attacks.

"Cybercriminals are making front-page news launching an unprecedented number of DDoS attacks to take advantage of the pandemic's remote work shift by undermining vital components of the connectivity supply chain," stated Richard Hummel, threat intelligence lead, NETSCOUT. "Ransomware gangs added triple-extortion DDoS tactics to their repertoire. Simultaneously, the Fancy Lazarus DDoS extortion campaign kicked into high gear threatening organizations in multiple industries with a focus on ISPs and specifically their authoritative DNS servers."

NETSCOUT's Threat Intelligence Report covers the latest trends and activities in the DDoS threat landscape. It covers data secured from NETSCOUT's Active Level Threat Analysis System (ATLAS™) coupled with NETSCOUT's ATLAS Security Engineering & Response Team (ASERT) insights.

The visibility and analysis represented in the Threat Intelligence Report and OmnisÒ Threat Horizon fuel the ATLAS Intelligence Feed used across NETSCOUT's Omnis security product portfolio to detect and block threat activity for enterprises and service providers worldwide.

For more information on NETSCOUT's semi-annual Threat Intelligence Report, please visit our interactive website You can also find us on Facebook, LinkedIn, and Twitter for threat updates and the latest trends and insights.

-Ends-

About NETSCOUT

NETSCOUT SYSTEMS, INC. (NASDAQ: NTCT) helps assure digital business services against security, availability, and performance disruptions. Our market and technology leadership stems from combining our patented smart data technology with smart analytics. We provide real-time, pervasive visibility and insights customers need to accelerate and secure their digital transformation. Our Omnis™ cybersecurity advanced threat detection and response platform offers comprehensive network visibility, threat detection, highly contextual investigation, and automated mitigation at the network edge. NETSCOUT nGenius™ service assurance solutions provide real-time, contextual analysis of service, network, and application performance. And Arbor Smart DDoS Protection by NETSCOUT products help protect against attacks that threaten availability and advanced threats that infiltrate networks to steal critical business assets. To learn more about improving service, network, and application performance in physical or virtual data centers or in the cloud, and how NETSCOUT's security and performance solutions can help you move forward with confidence, visit www.netscout.com or follow @NETSCOUT on Twitter, Facebook, or LinkedIn.

Press Relations
Veronica Carpio
Active DMC
veronica@activedmc.com

Krisha Doshi
Active DMC
krisha@activedmc.com 

Send us your press releases to pressrelease.zawya@refinitiv.com

© Press Release 2021

Disclaimer: The contents of this press release was provided from an external third party provider. This website is not responsible for, and does not control, such external content. This content is provided on an “as is” and “as available” basis and has not been edited in any way. Neither this website nor our affiliates guarantee the accuracy of or endorse the views or opinions expressed in this press release.

The press release is provided for informational purposes only. The content does not provide tax, legal or investment advice or opinion regarding the suitability, value or profitability of any particular security, portfolio or investment strategy. Neither this website nor our affiliates shall be liable for any errors or inaccuracies in the content, or for any actions taken by you in reliance thereon. You expressly agree that your use of the information within this article is at your sole risk.

To the fullest extent permitted by applicable law, this website, its parent company, its subsidiaries, its affiliates and the respective shareholders, directors, officers, employees, agents, advertisers, content providers and licensors will not be liable (jointly or severally) to you for any direct, indirect, consequential, special, incidental, punitive or exemplary damages, including without limitation, lost profits, lost savings and lost revenues, whether in negligence, tort, contract or any other theory of liability, even if the parties have been advised of the possibility or could have foreseen any such damages.


More From Press Releases