New research from Cloudflare, a content delivery network provider, revealed a surge in well-planned distributed denial-of-service (DDoS) attacks during the second quarter, predominantly conducted by hacking groups based in Russia.
The total number of DDoS requests reached 5.4 trillion, a 15% increase compared to the first quarter of the year.
Although attacks are up in 2023, the total is lower than in the second quarter of 2022, when 8.3 trillion requests were recorded. The hardest-hit industries include cryptocurrency, gaming, and gambling, with a striking 600% rise in DDoS attacks reported by cryptocurrency companies alone.
While DDoS attacks can be brief, recovering from them is often time-consuming, causing significant disruptions for targeted companies. The increase in DDoS attacks is attributed to several factors, including pro-Russia hacktivists targeting Western nations during the Ukrainian conflict, the proliferation of powerful virtual machine botnets, and the exploitation of a zero-day vulnerability in the Mitel business phone system, which intensified some attacks.
Pro-Russia hacktivist groups like Killnet, REvil, and Anonymous Sudan announced “massive” coordinated DDoS attacks on U.S. and European financial organizations, aiming at various sectors such as software, gambling, gaming, telecom, and media.
The rise of virtual machine botnets, which are up to 5,000 times more potent than botnets comprising infected smart devices, has emerged as a significant threat. By using virtual machines, hackers can conduct large-scale DDoS attacks with a relatively small number of computers.
Cloudflare reported a record-breaking 71 million request-per-second DDoS attack executed by a VM-based botnet in February. The vulnerability in the Mitel MiCollab business phone system (CVE-2022-26143) is another critical factor, as it enables attackers, without authentication, to flood the system with simulated calls that test its resilience.
The U.S. was identified as the largest source of DDoS attacks, followed by China and Germany. However, when comparing the attack traffic to the overall traffic within each country, Mozambique, Egypt, and Finland stand out as significant sources of DDoS attacks relative to their traffic footprint.