Issue 7: Findings from 1H 2021
NETSCOUT Threat Intelligence Report
The unprecedented events of 2020 led to an enormous and extended upswing in innovation for threat actors. And it's not going away anytime soon.Explore Interactive Report Explore Interactive Report
The Long Tail of Attacker Innovation
DDoS attacks continue to threaten organizations worldwide, as adversaries unleash innovative new attack methods against an ever-expanding target set.
DDoS ATTACKS IN 1H 2021
Attackers launched a record-breaking number of attacks in 1H 2021, an 11 percent increase year over year.
On average, multivector attacks using 20-plus vectors spiked by 106 percent, including a record-breaking 31-vector attack on an organization in Germany.
BOTS DRIVE 2.8M DDoS ATTACKS
Tracking global botnet clusters and density zones shines a light on how malicious adversaries abuse these botnets to launch DDoS attacks.
Black Hats Let the Good Times Roll
The breadth and depth of opportunities to exploit our increasing online dependence has presented adversaries with an embarrassment of potential riches.
7 Attack Vectors in 7 Months
Threat actors exploited or weaponized at least seven newer reflection/amplification DDoS attack vectors within the past seven months, igniting an explosion of new UDP-based attack modes.
Adaptive DDoS Attacks
Adversaries developed new adaptive DDoS attack strategies that evade traditional mitigation techniques. Threat actors custom-tailor each attack to bypass multiple layers of DDoS mitigation and protection, both cloud-based and on premises.
Connectivity Supply Chain Under Attack
Threat actors are upping attacks on vital components that make the internet tick, such as DNS servers, virtual private network (VPN) concentrators and services, and internet exchanges. At risk: every internet user’s ability to get online.
Triple Extortion: A Ransomware Trifecta
Ransomware gangs added triple-extortion attacks to their criminal service offerings. By combining data encryption, data theft, and DDoS attacks, threat actors hit a ransomware trifecta designed to increase the possibility of payment.
ISPs Face DDoS Extortion Attacks
Threat actors launched the self-dubbed Fancy Lazarus DDoS extortion campaign that primarily targets authoritative DNS servers for internet service providers (ISPs). Meanwhile, the more broadly based Lazarus Bear Armada (LBA) DDoS extortion campaign continues to target victims across a range of industries.
NETSCOUT analysis pulls back the curtain to detail how black hats leverage fast-growing botnets to launch DDoS attacks.
From adaptive DDoS attack strategies to an explosion of new DDoS attack vectors, threat actors thrive on rapid innovation. Here's the latest on our constantly changing threat landscape.