Business Wire

MA-NETSCOUT-SYSTEMS

22.3.2022 11:02:06 CET | Business Wire | Press release

Share
Bad Actors Innovate, Extort and Launch 9.7M DDoS Attacks in 2021 According to the Latest NETSCOUT Threat Intelligence Report

NETSCOUT SYSTEMS, INC., (NASDAQ: NTCT) today announced findings from its bi-annual Threat Intelligence Report . During the second half of 2021, cybercriminals launched approximately 4.4 million Distributed Denial of Service (DDoS) attacks, bringing the total number of DDoS attacks in 2021 to 9.75 million. These attacks represent a 3% decrease from the record number set during the height of the pandemic but continue at a pace that's 14% above pre-pandemic levels.

The report details how the second half of 2021 established high-powered botnet armies and rebalanced the scales between volumetric and direct-path (non-spoofed) attacks, creating more sophisticated operating procedures for attackers and adding new tactics, techniques, and methods to their arsenals.

“While it may be tempting to look at the decrease in overall attacks as threat actors scaling back their efforts, we saw significantly higher activity compared to pre-pandemic levels,” said Richard Hummel, threat intelligence lead, NETSCOUT. “The reality is that attackers are constantly innovating and adapting new techniques, including the use of server-class botnets, DDoS-for-Hire services, and increased used direct-path attacks that continually perpetuate the advancement of the threat landscape.”

Other key findings from the NETSCOUT 2H2021 Threat Intelligence Report include:

  • DDoS Extortion and Ransomware Operations are on the rise. Three high-profile DDoS extortion campaigns simultaneously operating is a new high. Ransomware gangs including Avaddon, REvil, BlackCat, AvosLocker, and Suncrypt were observed using DDoS to extort victims. Because of their success, ransomware groups have DDoS extortion operators masquerading as affiliates like the recent REvil DDoS Extortion campaign.
  • VOIP Services were Targets of DDoS Extortion. Worldwide DDoS extortion attack campaigns from the REvil copycat were waged against several VOIP services providers. One VOIP service provider reported $9M-$12M in revenue loss due to DDoS attacks.
  • DDoS-for-Hire services made attacks easy to launch. NETSCOUT examined 19 DDoS-for-Hire services and their capabilities that eliminate the technical requirements and cost of launching massive DDoS attacks. When combined, they offer more than 200 different attack types.
  • APAC attacks increased by 7% as other regions subsided . Amid ongoing geopolitical tensions in China, Hong Kong, and Taiwan, the Asia-Pacific region saw the most significant increase in attacks year over year compared to other regions.
  • Server-class botnet armies arrived. Cybercriminals have not only increased the number of Internet-of-Things (IoT) botnets but have also conscripted high-powered servers and high-capacity network devices, as seen with the GitMirai, Meris, and Dvinis botnets.
  • Direct-path attacks are gaining in popularity . Adversaries inundated organizations with TCP- and UDP-based floods, otherwise known as direct-path or non-spoofed attacks. Meanwhile, a decrease in some amplification attacks drove down the number of total attacks.
  • Attackers targeted select industries . Those hardest hit include software publishers (606% increase), insurance agencies and brokers (257% increase), computer manufacturers (162% increase), and colleges, universities, and professional schools (102% increase)
  • The fastest DDoS attack recorded a 107% year-over-year increase. Using DNS, DNS amplification, ICMP, TCP, ACK, TCP RST, and TCP SYN vectors, the multi-vector attack against a target in Russia recorded 453 Mpps.

NETSCOUT's Threat Intelligence Report covers the latest trends and activities in the DDoS threat landscape. It covers data captured from NETSCOUT's Active Level Threat Analysis System (ATLAS™) coupled with insights from NETSCOUT's ATLAS Security Engineering & Response Team.

The visibility and insights compiled from the global DDOS attack data, which is represented in the Threat Intelligence Report and can be seen in the Omnis Threat Horizon portal, fuel the ATLAS Intelligence Feed used across NETSCOUT's Omnis security portfolio to detect and block threat activity for enterprises and service providers worldwide.

Visit our interactive website for more information on NETSCOUT's semi-annual Threat Intelligence Report. You can also find us on Facebook , LinkedIn , and Twitter for threat updates and the latest trends and insights.

About NETSCOUT

NETSCOUT SYSTEMS, INC. (NASDAQ: NTCT) helps assure digital business services against security, availability, and performance disruptions. Our market and technology leadership stems from combining our patented smart data technology with smart analytics. We provide real-time, pervasive visibility and insights customers need to accelerate and secure their digital transformation. Omnis® Cyber Intelligence delivers the fastest and most scalable network security solution available on the market. NETSCOUT nGenius® service assurance solutions provide real-time, contextual analysis of service, network, and application performance. And Arbor® Smart DDoS Protection by NETSCOUT products help protect against attacks that threaten availability and advanced threats that infiltrate networks to steal critical business assets. To learn more about improving service, network, and application performance in physical or virtual data centers or in the cloud, and how NETSCOUT's security and performance solutions can help you move forward with confidence, visit www.netscout.com or follow @NETSCOUT on Twitter, Facebook, or LinkedIn.

©2022 NETSCOUT SYSTEMS, INC. All rights reserved. NETSCOUT, the NETSCOUT logo, Guardians of the Connected World, Adaptive Service Intelligence, Arbor, ATLAS, Cyber Threat Horizon, InfiniStream, nGenius, nGeniusONE, and Omnis are registered trademarks or trademarks of NETSCOUT SYSTEMS, INC., and/or its subsidiaries and/or affiliates in the USA and/or other countries. Third-party trademarks mentioned are the property of their respective owners.

Social Media:

https://www.facebook.com/NETSCOUTinc

About Business Wire

Business Wire
Business Wire
101 California Street, 20th Floor
CA 94111 San Francisco

http://businesswire.com

Subscribe to releases from Business Wire

Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.

Latest releases from Business Wire

Visa Introduces Platform for Stablecoin Minting, Movement and Management16.7.2026 16:30:00 CEST | Press release

The Visa Stablecoin Platform gives financial institutions, fintechs and other payment providers a single environment to come onchain and run stablecoin operations with Visa. Today, Visa (NYSE: V) announced the Visa Stablecoin Platform (VSP), a new enterprise platform designed to help financial institutions, fintechs, and crypto natives access stablecoin capabilities through a single Visa-managed environment. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260716292689/en/ Building on Visa’s broader crypto strategy, VSP gives FIs, fintechs and other payment providers a simple way to access, store, and redeem stablecoins, beginning with Open USD (OUSD), a new stablecoin recently introduced by Open Standard. This includes onchain wallet infrastructure through a newly introduced Wallet-as-a-Service offering and connectivity for minting and burning Open USD. “Stablecoins are opening up a new layer of programmable money, but for mo

Cyclic Materials Appoints Tomasz Poznar as Chief Commercial Officer to Accelerate Global Commercial Growth16.7.2026 15:20:00 CEST | Press release

Industry leader in critical materials and battery recycling to drive Cyclic’s global commercial growth and strategic partnerships. Cyclic Materials, the rare earth recycling company building a circular supply chain for rare earth elements and critical materials, today announced the appointment of Tomasz Poznar, Ph.D., as Chief Commercial Officer. The appointment strengthens Cyclic Materials’ executive team as the company accelerates commercial expansion across North America, Europe, and Asia. Most recently, Poznar served as Chief Commercial Officer at Ascend Elements, where he led the company’s global commercial strategy, strategic partnerships, and business development. During his tenure, he helped secure more than USD $1.5 billion in commercial agreements, including a landmark USD $1 billion supply agreement with a major global automaker, while also supporting approximately USD $320 million in TCTF government funding that accelerated the company’s growth in North America and Europe.

Modon Holding and Nammos Hotels & Resorts Bring Nammos Ras El Hekma to Egypt’s North Coast16.7.2026 14:50:00 CEST | Press release

Developed in partnership with Nammos Hotels & Resorts, the landmark Mediterranean destination will bring together branded residences, a luxury resort, restaurant and beach club, retail village, and signature dining and wellness experiences to Egypt for the first time. Abu Dhabi-based Modon Holding and Nammos Hotels & Resorts have announced Nammos Ras El Hekma – the renowned lifestyle and hospitality brand’s first fully integrated destination in Egypt. Located within the Wadi Yemm precinct, the development will bring Ras El Hekma’s promise of timeless Mediterranean living to life, combining Nammos Residences, Nammos Resort, Nammos Village, and a curated selection of all-day dining and wellness experiences, including the globally renowned Nammos Restaurant & Beach Club. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260716740934/en/ Modon Holding and Nammos Hotels & Resorts bring Nammos Ras El Hekma to Egypt’s North Coast (Pho

Tridiagonal.ai (T.AI) Partners with PETRONAS Carigali’s TriCipta AI with IBM to Advance Engineering Domain-Driven AI Solutions for Upstream Operations16.7.2026 14:30:00 CEST | Press release

Tridiagonal.ai will contribute engineering domain-driven AI solutions, physics-informed models and Decision Intelligence capabilities to support upstream surface equipment optimisation, maintenance reliability and asset integrity decision workflows. Tridiagonal.ai Pvt. Ltd. (T.AI), the dedicated AI arm of Tridiagonal Group, announced its role in the third Joint Development Agreement (JDA) involving PETRONAS Carigali Sdn. Bhd. and IBM Malaysia Sdn. Bhd. to advance PETRONAS Carigali’s flagship TriCipta AI across the Upstream value chain. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260715579933/en/ Signing ceremony for the third TriCipta AI Joint Development Agreement, attended by executives from Tridiagonal.ai (T.AI), PETRONAS Carigali, and IBM Malaysia. TriCipta AI is PETRONAS Carigali’s partnership model that combines deep domain technical expertise with advanced AI technology experts to accelerate the development and dep

Crown Bioscience Joins C-Path's NAMs Developer Coalition to Advance Human-Relevant Models in Drug Development16.7.2026 14:30:00 CEST | Press release

Global CRO brings patient-derived models, organoid platforms and biomarker expertise to collaborative effort advancing regulatory acceptance of New Approach Methodologies Crown Bioscience is a global contract research organization (CRO) specializing in oncology drug discovery and development, today announced it has joined Critical Path Institute's (C-Path) New Approach Methodologies Developer Coalition (NAMs-DC), a collaborative initiative dedicated to advancing the validation, qualification and regulatory adoption of innovative human-relevant research methods. Crown Bioscience joins a growing community of technology developers, pharmaceutical companies, regulatory stakeholders and scientific experts working to accelerate the adoption of New Approach Methodologies (NAMs) across drug discovery and development. Through its participation in NAMs-DC, Crown Bioscience will contribute expertise spanning patient-derived xenograft (PDX) models, patient-derived tumor organoids, ex vivo patient

In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.

Visit our pressroom
World GlobeA line styled icon from Orion Icon Library.HiddenA line styled icon from Orion Icon Library.Eye