DDoS Attacks Spike In H1 2022
Over the last decade, Help AG has continuously monitored DDoS attacks targeting the UAE and keenly observed attack patterns and types, considering we protect thousands of customers from being targets of DDoS attacks. Each time we collate, investigate and analyze DDoS attack data for our statistical modelling and future planning, the inference always shows an increasing upward trend.
It often feels like a broken record when I highlight that last quarter, we again saw an increase in DDoS attacks impacting customer infrastructure and application availability. In line with this, we have witnessed a new record for the largest DDoS attack towards UAE. Help AG successfully mitigated a volume of 238.6 Gbps in a single distributed attack, targeting a customer in the UAE.
Of the 60,000+ attacks that targeted UAE this year alone, more than 8,000 attacks surpassed a volume higher than 1 Gbps, of which, 72% of attacks lasted longer than 10 minutes.
DDoS (Distributed Denial of Service) attacks have been a preferred attack method for hackers since the dawn of the 21st century. Attackers have utilized them for various purposes that test your perimeter defenses such as deception techniques to launch more sinister attacks or as genuine DDoS attacks. Post the pandemic, DDoS attacks have gained greater traction and have been observed as part of double and triple extortion attacks.
To deal with DDoS attacks, enterprises need to consider various elements such as the destination, origin, attack vector, motives behind the attack, the risks they pose and more. Identifying and quantifying these factors play a crucial role in building effective countermeasures to safeguard their online presence. For DDoS protection service providers, apart from acting quick during an attack and providing a SLA driven service, it is key for us to provide intelligence to customers to predict the probability of a DDoS attack. As a service provider, we will try to narrow this down into three major components:
- Number of Attacks
- Volume of Attacks
- Duration of Attacks
DDoS Attacks: H1 2022
- Total Number of Attacks Observed: 66,780
- Max Attack Volume Observed: 238.6 Gbps
- Increase Observed Over H1 2021: 24%
- Longest Attack: 30 Days, 23 Hours, 8 Minutes
- Top Attack Type: UDP Flood
Source of Data
Etisalat by e& NETSCOUT Arbor Deployment
Interpretation of Data
Data reported by Etisalat by e&’s NETSCOUT Arbor deployment is by observing internet traffic flowing through Etisalat EMIX routers towards UAE and internal UAE traffic only. This data doesn’t cover traffic flowing through transit connectivity or other ISP present in UAE.
DDoS attack numbers for Q2 spiked at 5% compared to Q1 2022 and for H1 2022 spiked at 24% compared to H1 2021.
Over 8000 attacks were observed above 1Gbps in volume, which translates to an average of 46 DDoS attacks per day.
In H1 2022, we observed an increment in duration of DDoS attacks. This is depicted from the sharp decline on <10 minutes attacks and increase in 10–60-minute attacks in 2022. An increment in attack duration can be inferred as attackers moving from testing the perimeter defenses to launching persistent DDoS attacks targeting UAE customers.
While the top 5 DDoS attack patterns have remained a constant, DDoS attacks targeting UDP have remained the most preferred attack vector.
58% of the DDoS Attacks observed in UAE are multi-vector attacks.
Government and private enterprises remain the top targeted verticals within UAE.
DDoS News From Across The World
- One of the most powerful DDoS attacks ever hits a Crypto platform
- Norway faces cyberattack, pro-Russian hacker group accused behind activity
- Mantis Botnet behind the record-breaking DDoS attack in June
With the digital boom, complex infrastructures are being built, 5G is coming up, more content is being shared, requiring more bandwidth, all while more attack variants and vectors occur. All of these in one way or the other are contributing to an increase in DDoS attacks.
Post-pandemic, we are observing record breaking number of DDoS attacks towards UAE businesses every quarter. DDoS attacks are not just increasing in number, volume and duration, but have become more persistent and even used in extortion campaigns.
Carrier grade mitigation engines combined with dedicated, trained and trusted operational resources are the way forward to dealing with such volume and complexity. Help AG’s multi-layered DDoS protection offering, hosted within the country, is well equipped for UAE based enterprises to handle this ever-growing threat.