Kenya and others targeted by Cybercriminals in new wave of attacks
In the first half of 2023, cybercriminals increased the scope of their illicit operations. In 1H 2023, threat actors executed over 7.9 million distributed denial-of-service (DDoS*) attacks globally, as opposed to just over 6 million in 1H 2022, according to NETSCOUT’s most recent Threat Intelligence Report. This translates to an astounding 44,000 DDoS attacks every day and a 31% rise year over year.
The region of Europe, the Middle East, and Africa (EMEA) had over 2.4 million DDoS attacks, a 15% increase from the second half of 2022. This increase in attack frequency was also noticeable in this region. Examining EMEA in more detail, NETSCOUT’s report also reveals the following interesting findings: The top five nations in the region to be targeted were Saudi Arabia, Kenya, Germany, Italy, and France.
- Because of the continuing Russo-Ukrainian War and its geopolitical ramifications, EMEA is the region most frequently attacked by DDoS attacks worldwide. For example, threat actors are focusing on Finland and Sweden in their attempts to join NATO, while cybercriminals like Killnet have not stopped their attack on pro-Ukrainian politicians and organizations.
- Ireland was one country that saw a decrease in attack activity, with attacks down 80% from the second half of 2022. This occurs concurrently with the migration of Ukrainian internet resources to satellite network providers from Ireland, where they were briefly based.
- The satellite communications sector was severely impacted by a torrent of DDoS attacks, which led to an 86,972 percent rise in attacks on this sector in EMEA. In 2H 2022, there were 71 attacks; in 1H 2023, there were 61,821 attacks.
- Among the industries most targeted in 1H 2023 were engineering services, data processing and hosting services, telecommunications, and satellite communications. From 2H 2022, there was a rise in attack frequency in each of these industries.
- Threat intelligence head for NETSCOUT Richard Hummel analyzes the report’s results and recommends actions that EMEA organizations could take to defend against DDoS attacks:
- DDoS attacks from threat actors flooded EMEA in the first half of 2023. Attack activity in the area had significantly increased,
- “EMEA-based companies have previously demonstrated their ability to thwart DDoS attacks. Organizations in the area are able to observe this by blocking 37% of HTTP/S application-layer attacks. Conversely, APAC was only able to neutralize 1% of HTTP/S assaults.
- Nevertheless, as EMEA is the region that gets targeted the most, it is crucial that all organizations in the region have a strong cybersecurity plan that can fend against DDoS attacks. To thwart attacks, this involves installing adaptive DDoS defenses at each network edge.
- Additionally, firms must evaluate their web infrastructure on a regular basis. This guarantees that any modifications made to servers or apps are integrated into the larger DDoS mitigation system, safeguarding essential online infrastructure elements. Institutions are further strengthened when it comes to protecting themselves against new threats when personnel are taught the fundamentals of good cyber hygiene.
- “By putting these steps in place, organizations in EMEA and around the globe will be sufficiently safeguarded against DDoS attacks, as the threat posed by these attacks only grows.”
- Visit https://www.netscout.com/threatreport for more details on regional attack trends in 1H 2023 and DDoS attacks in the current threat landscape.