EMEA Receives Most DDoS Attacks Amid Ongoing Geopolitical Unrest

Cybercriminals ramped up their nefarious activities during the first half of 2023. According to NETSCOUT’s latest Threat Intelligence Report, threat actors launched approximately 7.9 million distributed denial-of-service (DDoS) attacks globally in 1H 2023, compared to just over 6 million of these attacks during 1H 2022. This represents a 31 per cent increase year over year and a staggering 44,000 DDoS attacks per day.

This increase in attack frequency was also evident in Europe, the Middle East, and Africa (EMEA), with the region experiencing more than 2.4 million DDoS attacks – a 15 per cent increase from the second half of 2022. Looking at EMEA in greater detail, additional findings from NETSCOUT’s report include:

– The top five targeted countries in the region were France, Germany, Italy, Kenya, and Saudi Arabia

– EMEA is the top targeted region globally by DDoS attacks, in large part due to the ongoing Russo-Ukrainian War and the geopolitical fallout. For instance, cybercriminals such as Killnet have continued their assault on pro-Ukrainian governments and organisations, with threat actors targeting Finland and Sweden in their bids to join NATO

– One nation which experienced a decline in attack activity was Ireland, with attacks falling by 80 per cent from the second half of 2022. This comes as Ukrainian internet resources – which had temporarily called Ireland home – migrated to satellite network providers

– A barrage of DDoS attacks hammered the satellite communications industry, resulting in an 86,972 per cent increase in attacks against this industry in EMEA. Attack frequency rose from 71 in 2H 2022 to 61,821 in 1H 2023

– In addition to satellite communications, telecommunications, data processing and hosting services, and engineering services also featured among the most targeted sectors in 1H 2023. All of these industries saw an increase in attack frequency from 2H 2022

Richard Hummel, threat intelligence lead for NETSCOUT, discusses the findings from the report and assesses what organisations in EMEA must do to protect themselves from DDoS attacks:

“During the first half of 2023, threat actors inundated EMEA with DDoS attacks. There was a substantial increase in attack activity in the region, with cybercriminals launching both the largest and fastest attacks we observed in this period against countries in EMEA.

“EMEA-based businesses have already displayed their capabilities when it comes to blocking DDoS attacks. This can be seen with organisations in the region blocking 37 per cent of HTTP/S application-layer attacks. In contrast to this, APAC only mitigated 1 per cent of HTTP/S attacks.

“Nevertheless, as the most targeted region globally, it is imperative for all organisations in EMEA to implement a powerful and effective cybersecurity strategy which is capable of mitigating DDoS attacks. This includes placing adaptive DDoS defences at every network edge to suppress attacks.

“It’s also vital for businesses to regularly test their online infrastructure. This ensures any adjustments made to applications or servers are incorporated into the wider DDoS mitigation system, protecting vital online infrastructural components. Teaching employees about the basics of good cyber hygiene further strengthens institutions when it comes to defending themselves from emerging threats.

“With the threat posed by DDoS attacks continuing to grow, implementing these measures will ensure organisations in EMEA, and across the rest of the world, are adequately protected from DDoS attacks.”

For more information about DDoS attacks in the modern threat landscape and regional attack trends in 1H 2023, visit https://www.netscout.com/threatreport