Distributed denial-of-service attacks topped 13 million in 2023
Hacktivist groups and an increase in DNS water torture attacks drove a significant spike in DDoS attacks in 2023’s second half.
There were more than 7 million distributed denial-of-service (DDoS) attacks during the second half of 2023, according to Netscout Systems, Inc. This was a 15% increase compared with the first half of 2023, a year which saw a total of 13 million DDoS attacks.
A DDoS attack involves flooding a target site with a tsunami of traffic in hopes of knocking the site offline until the operator can redirect the spurious traffic.
According to Netscout, hacktivism and domain name system (DNS) water-torture attacks were the primary drivers of the increase in DDoS attacks.
Between the first and second halves of 2023, DDoS attacks from hacktivist groups increased 10-fold, Netscout reported. For example, Peru saw a 30% increase in attacks connected to protests around former Peruvian President Fujimori’s release from prison.
The NoName057(016) collective was the most active hacktivist group during 2023, as it targeted 780 websites in 35 countries, Netscout reported.
“Global adversaries have become more sophisticated in the past year attacking websites and overloading servers to lockout customers and inflict digital chaos to influence geopolitical issues,” Richard Hummel, senior threat intelligence lead at Netscout, said in a release. “The relentless barrage of DDoS threats drives up costs and creates security fatigue for network operators.”
Nonexistent DNS label attacks
DNS water-torture attacks, which are technically called nonexistent DNS label attacks, have been around since 2009, according to Roland Dobbins principal engineer with Netscout’s ASERT Threat Intelligence Team.
He previously told PropertyCasualty360 that these cyberattacks typical involve a hacker’s botnet node, or a collection of devices infected and controlled by malware, issuing streams of DNS queries for nonexistent records within the domain of a targeted site.
At the end of June 2023, Netscout was tracking more than 660 daily instances of these DNS attacks and insurance agencies and brokers were among the most frequently targeted businesses.
Related: